From 924deee97ead2c930dc5327ebfb95270c3a6a844 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Tue, 7 Mar 2023 15:00:43 +0800 Subject: [PATCH 01/24] error verify --- tee-worker/ts-tests/identity.test.ts | 206 ++++++++++---------- tee-worker/ts-tests/indirect_error_calls.ts | 44 ++++- 2 files changed, 151 insertions(+), 99 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index ba8627a4fd..316df4b61a 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -14,7 +14,7 @@ import { import { ethers } from 'ethers'; import { HexString } from '@polkadot/util/types'; import { KeyringPair } from '@polkadot/keyring/types'; -import { createErrorIdentity, setErrorUserShieldingKey } from './indirect_error_calls'; +import { createErrorIdentity, setErrorUserShieldingKey, verifyErrorIdentity } from './indirect_error_calls'; const twitterIdentity = { Web2: { @@ -132,75 +132,75 @@ describeLitentry('Test Identity', (context) => { console.log('post verification msg to twitter: ', msg); assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); } - //create ethereum identity - const resp_ethereum = await createIdentity(context, context.defaultSigner[0], aesKey, true, ethereumIdentity); - assertIdentityCreated(context.defaultSigner[0], resp_ethereum); - - if (resp_ethereum) { - console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_ethereum.challengeCode), - context.defaultSigner[0].addressRaw, - ethereumIdentity - ); - console.log('post verification msg to ethereum: ', msg); - ethereumValidationData!.Web3Validation!.Evm!.message = msg; - const msgHash = ethers.utils.arrayify(msg); - signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); - ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; - assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); - } - // create substrate identity - const resp_substrate = await createIdentity(context, context.defaultSigner[0], aesKey, true, substrateIdentity); - assertIdentityCreated(context.defaultSigner[0], resp_substrate); - - if (resp_substrate) { - console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_substrate.challengeCode), - context.defaultSigner[0].addressRaw, - substrateIdentity - ); - - console.log('post verification msg to substrate: ', msg); - substrateValidationData!.Web3Validation!.Substrate!.message = msg; - signature_substrate = context.defaultSigner[0].sign(msg); - substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); - assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); - } - - // Bob - // create extension substrate identity - // https://github.com/litentry/litentry-parachain/issues/1137 - const resp_extension_substrate = await createIdentity( - context, - context.defaultSigner[1], - aesKey, - true, - substrateExtensionIdentity - ); - assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); - if (resp_extension_substrate) { - console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_extension_substrate.challengeCode), - context.defaultSigner[1].addressRaw, - substrateExtensionIdentity - ); - - console.log('post verification msg to substrate: ', msg); - substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; - // sign the wrapped version as in polkadot-extension - signature_substrate = context.defaultSigner[1].sign( - u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) - ); - substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = - u8aToHex(signature_substrate); - assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); - } + // //create ethereum identity + // const resp_ethereum = await createIdentity(context, context.defaultSigner[0], aesKey, true, ethereumIdentity); + // assertIdentityCreated(context.defaultSigner[0], resp_ethereum); + + // if (resp_ethereum) { + // console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_ethereum.challengeCode), + // context.defaultSigner[0].addressRaw, + // ethereumIdentity + // ); + // console.log('post verification msg to ethereum: ', msg); + // ethereumValidationData!.Web3Validation!.Evm!.message = msg; + // const msgHash = ethers.utils.arrayify(msg); + // signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); + // ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; + // assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); + // } + // // create substrate identity + // const resp_substrate = await createIdentity(context, context.defaultSigner[0], aesKey, true, substrateIdentity); + // assertIdentityCreated(context.defaultSigner[0], resp_substrate); + + // if (resp_substrate) { + // console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_substrate.challengeCode), + // context.defaultSigner[0].addressRaw, + // substrateIdentity + // ); + + // console.log('post verification msg to substrate: ', msg); + // substrateValidationData!.Web3Validation!.Substrate!.message = msg; + // signature_substrate = context.defaultSigner[0].sign(msg); + // substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); + // assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); + // } + + // // Bob + // // create extension substrate identity + // // https://github.com/litentry/litentry-parachain/issues/1137 + // const resp_extension_substrate = await createIdentity( + // context, + // context.defaultSigner[1], + // aesKey, + // true, + // substrateExtensionIdentity + // ); + // assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); + // if (resp_extension_substrate) { + // console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_extension_substrate.challengeCode), + // context.defaultSigner[1].addressRaw, + // substrateExtensionIdentity + // ); + + // console.log('post verification msg to substrate: ', msg); + // substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; + // // sign the wrapped version as in polkadot-extension + // signature_substrate = context.defaultSigner[1].sign( + // u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) + // ); + // substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = + // u8aToHex(signature_substrate); + // assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); + // } }); step('verify identity', async function () { @@ -216,41 +216,51 @@ describeLitentry('Test Identity', (context) => { ); assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); - // verify ethereum identity - const ethereum_identity_verified = await verifyIdentity( - context, - context.defaultSigner[0], - aesKey, - true, - ethereumIdentity, - ethereumValidationData - ); - assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); + // // verify ethereum identity + // const ethereum_identity_verified = await verifyIdentity( + // context, + // context.defaultSigner[0], + // aesKey, + // true, + // ethereumIdentity, + // ethereumValidationData + // ); + // assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); + + // //verify substrate identity + // const substrate_identity_verified = await verifyIdentity( + // context, + // context.defaultSigner[0], + // aesKey, + // true, + // substrateIdentity, + // substrateValidationData + // ); + // assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); + + // //Bob + // //verify extension substrate identity + // const substrate_extension_identity_verified = await verifyIdentity( + // context, + // context.defaultSigner[1], + // aesKey, + // true, + // substrateExtensionIdentity, + // substrateExtensionValidationData + // ); + // assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); + }); - //verify substrate identity - const substrate_identity_verified = await verifyIdentity( + step('error verify', async function () { + const twitter_identity_verified = await verifyErrorIdentity( context, context.defaultSigner[0], aesKey, true, - substrateIdentity, - substrateValidationData - ); - assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); - - //Bob - //verify extension substrate identity - const substrate_extension_identity_verified = await verifyIdentity( - context, - context.defaultSigner[1], - aesKey, - true, - substrateExtensionIdentity, - substrateExtensionValidationData + twitterIdentity, + twitterValidationData ); - assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); }); - step('remove identity', async function () { // Alice // remove twitter identity diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 0ca6d7d3ee..5266e00548 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -1,7 +1,12 @@ import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock } from './utils'; import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; -import { IntegrationTestContext } from './type-definitions'; +import { + IdentityGenericEvent, + IntegrationTestContext, + LitentryIdentity, + LitentryValidationData, +} from './type-definitions'; import { expect } from 'chai'; export async function setErrorUserShieldingKey( @@ -48,3 +53,40 @@ export async function createErrorIdentity( } return undefined; } + +export async function verifyErrorIdentity( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + identity: LitentryIdentity, + data: LitentryValidationData +): Promise { + const identity_encode = context.substrate.createType('LitentryIdentity', identity).toHex(); + const validation_encode = context.substrate.createType('LitentryValidationData', data).toHex(); + const identity_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, identity_encode).toString('hex'); + const validation_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, validation_encode).toString( + 'hex' + ); + + const tx = context.substrate.tx.identityManagement.verifyIdentity( + context.mrEnclave, + `0x${identity_ciphertext}`, + `0x${validation_ciphertext}` + ); + + await sendTxUntilInBlock(context.substrate, tx, signer); + + if (listening) { + const events = await listenEvent(context.substrate, 'identityManagement', ['IdentityAlreadyVerified']); + expect(events.length).to.be.equal(1); + const data = events[0].data as any; + // return decodeIdentityEvent( + // context.substrate, + // data.account.toHex(), + // decryptWithAES(aesKey, data.identity, 'hex'), + // decryptWithAES(aesKey, data.idGraph, 'hex') + // ); + } + return undefined; +} From 8e5484a1191c63309e5bb71354a983511e7cf282 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 16:07:35 +0800 Subject: [PATCH 02/24] batch call of identity --- tee-worker/ts-tests/identity.test.ts | 314 ++++++++++++++------------ tee-worker/ts-tests/indirect_calls.ts | 152 ++++++++++++- tee-worker/ts-tests/utils.ts | 29 +++ 3 files changed, 344 insertions(+), 151 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 316df4b61a..13e2b573cc 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -1,6 +1,14 @@ import { describeLitentry, generateVerificationMessage } from './utils'; import { hexToU8a, u8aConcat, u8aToHex, u8aToU8a, stringToU8a } from '@polkadot/util'; -import { createIdentity, setUserShieldingKey, removeIdentity, verifyIdentity } from './indirect_calls'; +import { + createIdentity, + setUserShieldingKey, + removeIdentity, + verifyIdentity, + createIdentityList, + verifyIdentityList, + removeIdentityList, +} from './indirect_calls'; import { step } from 'mocha-steps'; import { assert } from 'chai'; import { @@ -14,7 +22,13 @@ import { import { ethers } from 'ethers'; import { HexString } from '@polkadot/util/types'; import { KeyringPair } from '@polkadot/keyring/types'; -import { createErrorIdentity, setErrorUserShieldingKey, verifyErrorIdentity } from './indirect_error_calls'; +import { + createErrorIdentity, + removeErrorIdentity, + setErrorUserShieldingKey, + verifyErrorIdentity, + removeErrorIdentityList, +} from './indirect_error_calls'; const twitterIdentity = { Web2: { @@ -30,6 +44,12 @@ const ethereumIdentity = { }, }; +const ethereumErrorIdentity = { + Evm: { + address: '0xff93B45308FD417dF303D6515aB04D9e89a750Cb', + network: 'Ethereum', + }, +}; const substrateIdentity = { Substrate: { address: '0xd43593c715fdd31c61141abd04a99fd6822c8558854ccde39a5684e7a56da27d', //Alice @@ -111,14 +131,21 @@ describeLitentry('Test Identity', (context) => { step('set user shielding key', async function () { const alice = await setUserShieldingKey(context, context.defaultSigner[0], aesKey, true); assert.equal(alice, u8aToHex(context.defaultSigner[0].addressRaw), 'check caller error'); - const bob = await setUserShieldingKey(context, context.defaultSigner[1], aesKey, true); assert.equal(bob, u8aToHex(context.defaultSigner[1].addressRaw), 'check caller error'); }); step('create identity', async function () { - //create twitter identity - const resp_twitter = await createIdentity(context, context.defaultSigner[0], aesKey, true, twitterIdentity); + //Alice create all identity + const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentityList( + context, + context.defaultSigner[0], + aesKey, + true, + [twitterIdentity, ethereumIdentity, substrateIdentity] + )) as IdentityGenericEvent[]; + + //check twitter identity assertIdentityCreated(context.defaultSigner[0], resp_twitter); if (resp_twitter) { @@ -132,165 +159,137 @@ describeLitentry('Test Identity', (context) => { console.log('post verification msg to twitter: ', msg); assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); } - // //create ethereum identity - // const resp_ethereum = await createIdentity(context, context.defaultSigner[0], aesKey, true, ethereumIdentity); - // assertIdentityCreated(context.defaultSigner[0], resp_ethereum); - - // if (resp_ethereum) { - // console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_ethereum.challengeCode), - // context.defaultSigner[0].addressRaw, - // ethereumIdentity - // ); - // console.log('post verification msg to ethereum: ', msg); - // ethereumValidationData!.Web3Validation!.Evm!.message = msg; - // const msgHash = ethers.utils.arrayify(msg); - // signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); - // ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; - // assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); - // } - // // create substrate identity - // const resp_substrate = await createIdentity(context, context.defaultSigner[0], aesKey, true, substrateIdentity); - // assertIdentityCreated(context.defaultSigner[0], resp_substrate); - - // if (resp_substrate) { - // console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_substrate.challengeCode), - // context.defaultSigner[0].addressRaw, - // substrateIdentity - // ); - - // console.log('post verification msg to substrate: ', msg); - // substrateValidationData!.Web3Validation!.Substrate!.message = msg; - // signature_substrate = context.defaultSigner[0].sign(msg); - // substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); - // assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); - // } - - // // Bob - // // create extension substrate identity - // // https://github.com/litentry/litentry-parachain/issues/1137 - // const resp_extension_substrate = await createIdentity( - // context, - // context.defaultSigner[1], - // aesKey, - // true, - // substrateExtensionIdentity - // ); - // assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); - // if (resp_extension_substrate) { - // console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_extension_substrate.challengeCode), - // context.defaultSigner[1].addressRaw, - // substrateExtensionIdentity - // ); - - // console.log('post verification msg to substrate: ', msg); - // substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; - // // sign the wrapped version as in polkadot-extension - // signature_substrate = context.defaultSigner[1].sign( - // u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) - // ); - // substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = - // u8aToHex(signature_substrate); - // assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); - // } - }); - - step('verify identity', async function () { - //Alice - //verify twitter identity - const twitter_identity_verified = await verifyIdentity( + //check ethereum identity + assertIdentityCreated(context.defaultSigner[0], resp_ethereum); + if (resp_ethereum) { + console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_ethereum.challengeCode), + context.defaultSigner[0].addressRaw, + ethereumIdentity + ); + console.log('post verification msg to ethereum: ', msg); + ethereumValidationData!.Web3Validation!.Evm!.message = msg; + const msgHash = ethers.utils.arrayify(msg); + signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); + ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; + assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); + } + // check substrate identity + assertIdentityCreated(context.defaultSigner[0], resp_substrate); + if (resp_substrate) { + console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_substrate.challengeCode), + context.defaultSigner[0].addressRaw, + substrateIdentity + ); + console.log('post verification msg to substrate: ', msg); + substrateValidationData!.Web3Validation!.Substrate!.message = msg; + signature_substrate = context.defaultSigner[0].sign(msg); + substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); + assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); + } + // Bob + // create extension substrate identity + // https://github.com/litentry/litentry-parachain/issues/1137 + const resp_extension_substrate = await createIdentity( context, - context.defaultSigner[0], + context.defaultSigner[1], aesKey, true, - twitterIdentity, - twitterValidationData + substrateExtensionIdentity ); - assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); - - // // verify ethereum identity - // const ethereum_identity_verified = await verifyIdentity( - // context, - // context.defaultSigner[0], - // aesKey, - // true, - // ethereumIdentity, - // ethereumValidationData - // ); - // assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); - - // //verify substrate identity - // const substrate_identity_verified = await verifyIdentity( - // context, - // context.defaultSigner[0], - // aesKey, - // true, - // substrateIdentity, - // substrateValidationData - // ); - // assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); - - // //Bob - // //verify extension substrate identity - // const substrate_extension_identity_verified = await verifyIdentity( - // context, - // context.defaultSigner[1], - // aesKey, - // true, - // substrateExtensionIdentity, - // substrateExtensionValidationData - // ); - // assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); + assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); + if (resp_extension_substrate) { + console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_extension_substrate.challengeCode), + context.defaultSigner[1].addressRaw, + substrateExtensionIdentity + ); + console.log('post verification msg to substrate: ', msg); + substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; + // sign the wrapped version as in polkadot-extension + signature_substrate = context.defaultSigner[1].sign( + u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) + ); + substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = + u8aToHex(signature_substrate); + assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); + } }); + step('verify identity', async function () { + //Alice + // verify all identity + const [twitter_identity_verified, ethereum_identity_verified, substrate_identity_verified] = + (await verifyIdentityList( + context, + context.defaultSigner[0], + aesKey, + true, + [twitterIdentity, ethereumIdentity, substrateIdentity], + [twitterValidationData, ethereumValidationData, substrateValidationData] + )) as IdentityGenericEvent[]; - step('error verify', async function () { - const twitter_identity_verified = await verifyErrorIdentity( + assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); + + assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); + //Bob + // verify extension substrate identity + const substrate_extension_identity_verified = await verifyIdentity( context, - context.defaultSigner[0], + context.defaultSigner[1], aesKey, true, - twitterIdentity, - twitterValidationData + substrateExtensionIdentity, + substrateExtensionValidationData ); + assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); }); + + // step('verify error identity', async function () { + // const twitter_identity_same_verified = await verifyErrorIdentity( + // context, + // context.defaultSigner[0], + // aesKey, + // true, + // twitterIdentity, + // twitterValidationData + // ); + // // console.log(twitter_identity_error_verified.toHuman()); + // assert.equal( + // twitter_identity_same_verified, + // 'code not found', + // 'verify twitter should fail with reason `code not found`' + // ); + + // const ethereum_identity_not_exist_verified = await verifyErrorIdentity( + // context, + // context.defaultSigner[2], + // aesKey, + // true, + // ethereumIdentity, + // ethereumValidationData + // ); + // assert.equal( + // ethereum_identity_not_exist_verified, + // 'code not found', + // 'verify ethereum should fail with reason `code not found`' + // ); + // }); step('remove identity', async function () { - // Alice - // remove twitter identity - const twitter_identity_removed = await removeIdentity( - context, - context.defaultSigner[0], - aesKey, - true, - twitterIdentity - ); + const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = + (await removeIdentityList(context, context.defaultSigner[0], aesKey, true, [ + twitterIdentity, + ethereumIdentity, + substrateIdentity, + ])) as IdentityGenericEvent[]; assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); - - // remove ethereum identity - const ethereum_identity_removed = await removeIdentity( - context, - context.defaultSigner[0], - aesKey, - true, - ethereumIdentity - ); assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); - - // remove substrate identity - const substrate_identity_removed = await removeIdentity( - context, - context.defaultSigner[0], - aesKey, - true, - substrateIdentity - ); assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); // Bob @@ -305,6 +304,21 @@ describeLitentry('Test Identity', (context) => { assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); }); + step('remove error identity', async function () { + const error_identities = (await removeErrorIdentityList(context, context.defaultSigner[0], aesKey, true, [ + twitterIdentity, + ethereumIdentity, + substrateIdentity, + ])) as any; + error_identities.map((item: any) => { + const result = item.toHuman().data.reason; + assert( + result.search('IdentityNotExist') !== -1, + 'remove twitter should fail with reason `IdentityNotExist`' + ); + }); + }); + step('set error user shielding key', async function () { const result = await setErrorUserShieldingKey(context, context.defaultSigner[0], errorAseKey, true); diff --git a/tee-worker/ts-tests/indirect_calls.ts b/tee-worker/ts-tests/indirect_calls.ts index 752b8efe0b..b8534e7564 100644 --- a/tee-worker/ts-tests/indirect_calls.ts +++ b/tee-worker/ts-tests/indirect_calls.ts @@ -5,7 +5,13 @@ import { LitentryValidationData, Assertion, } from './type-definitions'; -import { decryptWithAES, encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock } from './utils'; +import { + decryptWithAES, + encryptWithTeeShieldingKey, + listenEvent, + sendTxUntilInBlock, + sendTxUntilInBlockList, +} from './utils'; import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; import { ApiPromise } from '@polkadot/api'; @@ -64,7 +70,52 @@ export async function createIdentity( } return undefined; } +export async function createIdentityList( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + identities: LitentryIdentity[] +): Promise { + let txs: any[] = []; + for (let index = 0; index < identities.length; index++) { + const identity = identities[index]; + const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); + const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); + const tx = context.substrate.tx.identityManagement.createIdentity( + context.mrEnclave, + signer.address, + `0x${ciphertext}`, + null + ); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + index; + txs.push({ tx, nonce: newNonce }); + } + await sendTxUntilInBlockList(context.substrate, txs, signer); + + if (listening) { + const events = (await listenEvent(context.substrate, 'identityManagement', ['IdentityCreated'])) as any; + expect(events.length).to.be.equal(identities.length); + + let results: IdentityGenericEvent[] = []; + + for (let index = 0; index < events.length; index++) { + results.push( + decodeIdentityEvent( + context.substrate, + events[index].data.account.toHex(), + decryptWithAES(aesKey, events[index].data.identity, 'hex'), + decryptWithAES(aesKey, events[index].data.idGraph, 'hex'), + decryptWithAES(aesKey, events[index].data.code, 'hex') + ) + ); + } + return [...results]; + } + return undefined; +} export async function removeIdentity( context: IntegrationTestContext, signer: KeyringPair, @@ -92,7 +143,46 @@ export async function removeIdentity( } return undefined; } +export async function removeIdentityList( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + identity: LitentryIdentity[] +): Promise { + let txs: any[] = []; + for (let index = 0; index < identity.length; index++) { + const encode = context.substrate.createType('LitentryIdentity', identity[index]).toHex(); + const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); + + const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + index; + txs.push({ tx, nonce: newNonce }); + } + await sendTxUntilInBlockList(context.substrate, txs, signer); + + if (listening) { + const events = (await listenEvent(context.substrate, 'identityManagement', ['IdentityRemoved'])) as any; + expect(events.length).to.be.equal(identity.length); + + let results: IdentityGenericEvent[] = []; + + for (let index = 0; index < events.length; index++) { + results.push( + decodeIdentityEvent( + context.substrate, + events[index].data.account.toHex(), + decryptWithAES(aesKey, events[index].data.identity, 'hex'), + decryptWithAES(aesKey, events[index].data.idGraph, 'hex') + ) + ); + } + return [...results]; + } + return undefined; +} export async function verifyIdentity( context: IntegrationTestContext, signer: KeyringPair, @@ -130,6 +220,66 @@ export async function verifyIdentity( return undefined; } +export async function verifyIdentityList( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + identities: LitentryIdentity[], + datas: LitentryValidationData[] +): Promise { + let txs: any[] = []; + for (let index = 0; index < identities.length; index++) { + let identity = identities[index]; + + let data = datas[index]; + + const identity_encode = context.substrate.createType('LitentryIdentity', identity).toHex(); + + const validation_encode = context.substrate.createType('LitentryValidationData', data).toHex(); + + const identity_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, identity_encode).toString( + 'hex' + ); + + const validation_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, validation_encode).toString( + 'hex' + ); + + const tx = context.substrate.tx.identityManagement.verifyIdentity( + context.mrEnclave, + `0x${identity_ciphertext}`, + `0x${validation_ciphertext}` + ); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + index; + txs.push({ tx, nonce: newNonce }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + + if (listening) { + const events = (await listenEvent(context.substrate, 'identityManagement', ['IdentityVerified'])) as any; + + expect(events.length).to.be.equal(identities.length); + + let results: IdentityGenericEvent[] = []; + + for (let index = 0; index < events.length; index++) { + results.push( + decodeIdentityEvent( + context.substrate, + events[index].data.account.toHex(), + decryptWithAES(aesKey, events[index].data.identity, 'hex'), + decryptWithAES(aesKey, events[index].data.idGraph, 'hex') + ) + ); + } + return [...results]; + } + return undefined; +} + //vcManagement export async function requestVC( context: IntegrationTestContext, diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index 1e3f956aae..dbd0e28bba 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -120,6 +120,35 @@ export async function sendTxUntilInBlock(api: ApiPromise, tx: SubmittableExtrins }); } +export async function sendTxUntilInBlockList( + api: ApiPromise, + txs: { + tx: SubmittableExtrinsic; + nonce: string; + }[], + signer: KeyringPair +) { + return new Promise<{ + block: string; + }>(async (resolve, reject) => { + await Promise.all( + txs.map(async ({ tx, nonce }) => { + // await tx.paymentInfo(signer); + tx.signAndSend(signer, { nonce }, (result) => { + if (result.status.isInBlock) { + console.log(`Transaction included at blockHash ${result.status.asInBlock}`); + resolve({ + block: result.status.asInBlock.toString(), + }); + } else if (result.status.isInvalid) { + reject(`Transaction is ${result.status}`); + } + }); + }) + ); + }); +} + // Subscribe to the chain until we get the first specified event with given `section` and `methods`. // We can listen to multiple `methods` as long as they are emitted in the same block. // The event consumer should do the decryption optionaly as it's event specific From 0818632793509b84c5957a0cdd1a9c0809b9f351 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 16:50:59 +0800 Subject: [PATCH 03/24] batch call of vc --- tee-worker/ts-tests/indirect_calls.ts | 111 +++++++++++++++++++++++++- tee-worker/ts-tests/vc.test.ts | 59 ++++++++------ 2 files changed, 142 insertions(+), 28 deletions(-) diff --git a/tee-worker/ts-tests/indirect_calls.ts b/tee-worker/ts-tests/indirect_calls.ts index b8534e7564..cad6a89c2b 100644 --- a/tee-worker/ts-tests/indirect_calls.ts +++ b/tee-worker/ts-tests/indirect_calls.ts @@ -70,7 +70,7 @@ export async function createIdentity( } return undefined; } -export async function createIdentityList( +export async function createIdentities( context: IntegrationTestContext, signer: KeyringPair, aesKey: HexString, @@ -143,7 +143,7 @@ export async function removeIdentity( } return undefined; } -export async function removeIdentityList( +export async function removeIdentities( context: IntegrationTestContext, signer: KeyringPair, aesKey: HexString, @@ -220,7 +220,7 @@ export async function verifyIdentity( return undefined; } -export async function verifyIdentityList( +export async function verifyIdentities( context: IntegrationTestContext, signer: KeyringPair, aesKey: HexString, @@ -300,7 +300,58 @@ export async function requestVC( } return undefined; } +export async function requestVCs( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + mrEnclave: HexString, + assertion: Assertion +): Promise< + | { + account: HexString; + index: HexString; + vc: HexString; + }[] + | undefined +> { + let txs: any[] = []; + let len = 0; + for (const key in assertion) { + len++; + const tx = context.substrate.tx.vcManagement.requestVc(mrEnclave, { + [key]: assertion[key as keyof Assertion], + }); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + + let newNonce = nonce.toNumber() + (len - 1); + txs.push({ tx, nonce: newNonce }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + if (listening) { + const events = (await listenEvent(context.substrate, 'vcManagement', ['VCIssued'])) as any; + expect(events.length).to.be.equal(len); + + let results: { + account: HexString; + index: HexString; + vc: HexString; + }[] = []; + for (let k = 0; k < events.length; k++) { + results.push({ + account: events[k].data.account.toHex(), + index: events[k].data.index.toHex(), + vc: decryptWithAES(aesKey, events[k].data.vc, 'utf-8'), + }); + } + return [...results]; + // const [account, index, vc] = events[0].data as any; + // return [account.toHex(), index.toHex(), decryptWithAES(aesKey, vc, 'utf-8')]; + } + return undefined; +} export async function disableVC( context: IntegrationTestContext, signer: KeyringPair, @@ -319,7 +370,35 @@ export async function disableVC( } return undefined; } +export async function disableVCs( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + indexList: HexString[] +): Promise { + let txs: any[] = []; + for (let k = 0; k < indexList.length; k++) { + const tx = context.substrate.tx.vcManagement.disableVc(indexList[k]); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + k; + txs.push({ tx, nonce: newNonce }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + if (listening) { + const events = (await listenEvent(context.substrate, 'vcManagement', ['VCDisabled'])) as any; + expect(events.length).to.be.equal(indexList.length); + let results: HexString[] = []; + for (let m = 0; m < events.length; m++) { + results.push(events[m].data.index.toHex()); + } + + return [...results]; + } + return undefined; +} export async function revokeVC( context: IntegrationTestContext, signer: KeyringPair, @@ -338,7 +417,33 @@ export async function revokeVC( } return undefined; } +export async function revokeVCs( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + indexList: HexString[] +): Promise { + let txs: any[] = []; + for (let k = 0; k < indexList.length; k++) { + const tx = context.substrate.tx.vcManagement.revokeVc(indexList[k]); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + k; + txs.push({ tx, nonce: newNonce }); + } + await sendTxUntilInBlockList(context.substrate, txs, signer); + if (listening) { + const events = (await listenEvent(context.substrate, 'vcManagement', ['VCRevoked'])) as any; + expect(events.length).to.be.equal(indexList.length); + let results: HexString[] = []; + for (let m = 0; m < events.length; m++) { + results.push(events[m].data.index.toHex()); + } + return [...results]; + } + return undefined; +} function decodeIdentityEvent( api: ApiPromise, who: HexString, diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 43b56c3261..83d419a22f 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -1,6 +1,14 @@ import { describeLitentry, checkVc, checkIssuerAttestation } from './utils'; import { step } from 'mocha-steps'; -import { requestVC, setUserShieldingKey, disableVC, revokeVC } from './indirect_calls'; +import { + requestVC, + setUserShieldingKey, + disableVC, + revokeVC, + requestVCs, + disableVCs, + revokeVCs, +} from './indirect_calls'; import { Assertion } from './type-definitions'; import { assert } from 'chai'; import { u8aToHex, stringToU8a, stringToHex } from '@polkadot/util'; @@ -26,51 +34,52 @@ describeLitentry('VC test', async (context) => { assert.equal(who, u8aToHex(context.defaultSigner[0].addressRaw), 'check caller error'); }); step('Request VC', async () => { - for (const key in assertion) { - const [account, index, vc] = (await requestVC( - context, - context.defaultSigner[0], - aesKey, - true, - context.mrEnclave, - { - [key]: assertion[key as keyof Assertion], - } - )) as HexString[]; + const res = (await requestVCs( + context, + context.defaultSigner[0], + aesKey, + true, + context.mrEnclave, + assertion + )) as { + account: HexString; + index: HexString; + vc: HexString; + }[]; - const vcString = vc.replace('0x', ''); + for (let k = 0; k < res.length; k++) { + const vcString = res[k].vc.replace('0x', ''); const vcBlake2Hash = blake2AsHex(vcString); - const registry = (await context.substrate.query.vcManagement.vcRegistry(index)) as any; + const registry = (await context.substrate.query.vcManagement.vcRegistry(res[k].index)) as any; assert.equal(registry.toHuman()!['status'], 'Active', 'check registry error'); assert.equal(vcBlake2Hash, registry.toHuman()!['hash_'], 'check vc json hash error'); //check vc - const vcValid = await checkVc(vcString, index, context.substrate); + const vcValid = await checkVc(vcString, res[k].index, context.substrate); assert.equal(vcValid, true, 'check vc error'); - indexList.push(index); + indexList.push(res[k].index); //check issuer attestation await checkIssuerAttestation(vcString, context.substrate); - console.log(`--------Assertion ${key} is pass-----------`); } }); step('Disable VC', async () => { - for (const index of indexList) { - const eventIndex = await disableVC(context, context.defaultSigner[0], aesKey, true, index); - assert.equal(eventIndex, index, 'check index error'); - const registry = (await context.substrate.query.vcManagement.vcRegistry(index)) as any; + const res = (await disableVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; + for (let k = 0; k < res.length; k++) { + assert.equal(res[k], indexList[k], 'check index error'); + const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; assert.equal(registry.toHuman()!['status'], 'Disabled'); } }); step('Revoke VC', async () => { - for (const index of indexList) { - const eventIndex = await revokeVC(context, context.defaultSigner[0], aesKey, true, index); - assert.equal(eventIndex, index, 'check index error'); - const registry = (await context.substrate.query.vcManagement.vcRegistry(index)) as any; + const res = (await revokeVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; + for (let k = 0; k < res.length; k++) { + assert.equal(res[k], indexList[k], 'check index error'); + const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; assert.equal(registry.toHuman(), null); } }); From 658cb9b53756ec7cf49d2e43013719baa1268814 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:05:13 +0800 Subject: [PATCH 04/24] format code --- tee-worker/ts-tests/identity.test.ts | 90 ++++++++++++++-------------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 13e2b573cc..a830b2b168 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -5,9 +5,9 @@ import { setUserShieldingKey, removeIdentity, verifyIdentity, - createIdentityList, - verifyIdentityList, - removeIdentityList, + createIdentities, + verifyIdentities, + removeIdentities, } from './indirect_calls'; import { step } from 'mocha-steps'; import { assert } from 'chai'; @@ -135,9 +135,9 @@ describeLitentry('Test Identity', (context) => { assert.equal(bob, u8aToHex(context.defaultSigner[1].addressRaw), 'check caller error'); }); - step('create identity', async function () { - //Alice create all identity - const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentityList( + step('create identities', async function () { + //Alice create all identities + const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentities( context, context.defaultSigner[0], aesKey, @@ -145,7 +145,12 @@ describeLitentry('Test Identity', (context) => { [twitterIdentity, ethereumIdentity, substrateIdentity] )) as IdentityGenericEvent[]; - //check twitter identity + //Bob create extension substrate identities + const [resp_extension_substrate] = (await createIdentities(context, context.defaultSigner[1], aesKey, true, [ + substrateExtensionIdentity, + ])) as IdentityGenericEvent[]; + + //Alice check twitter identity assertIdentityCreated(context.defaultSigner[0], resp_twitter); if (resp_twitter) { @@ -159,7 +164,7 @@ describeLitentry('Test Identity', (context) => { console.log('post verification msg to twitter: ', msg); assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); } - //check ethereum identity + //Alice check ethereum identity assertIdentityCreated(context.defaultSigner[0], resp_ethereum); if (resp_ethereum) { console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); @@ -176,7 +181,7 @@ describeLitentry('Test Identity', (context) => { ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); } - // check substrate identity + //Alice check substrate identity assertIdentityCreated(context.defaultSigner[0], resp_substrate); if (resp_substrate) { console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); @@ -192,16 +197,9 @@ describeLitentry('Test Identity', (context) => { substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); } - // Bob - // create extension substrate identity - // https://github.com/litentry/litentry-parachain/issues/1137 - const resp_extension_substrate = await createIdentity( - context, - context.defaultSigner[1], - aesKey, - true, - substrateExtensionIdentity - ); + + //Bob check extension substrate identity + //https://github.com/litentry/litentry-parachain/issues/1137 assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); if (resp_extension_substrate) { console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); @@ -222,11 +220,10 @@ describeLitentry('Test Identity', (context) => { assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); } }); - step('verify identity', async function () { - //Alice - // verify all identity + step('verify identities', async function () { + //Alice verify all identities const [twitter_identity_verified, ethereum_identity_verified, substrate_identity_verified] = - (await verifyIdentityList( + (await verifyIdentities( context, context.defaultSigner[0], aesKey, @@ -234,20 +231,20 @@ describeLitentry('Test Identity', (context) => { [twitterIdentity, ethereumIdentity, substrateIdentity], [twitterValidationData, ethereumValidationData, substrateValidationData] )) as IdentityGenericEvent[]; - - assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); - - assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); - //Bob - // verify extension substrate identity - const substrate_extension_identity_verified = await verifyIdentity( + //Bob verify extension substrate identities + const [substrate_extension_identity_verified] = (await verifyIdentities( context, context.defaultSigner[1], aesKey, true, - substrateExtensionIdentity, - substrateExtensionValidationData - ); + [substrateExtensionIdentity], + [substrateExtensionValidationData] + )) as IdentityGenericEvent[]; + + //Alice + assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); + assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); + //Bob assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); }); @@ -281,30 +278,34 @@ describeLitentry('Test Identity', (context) => { // 'verify ethereum should fail with reason `code not found`' // ); // }); - step('remove identity', async function () { + step('remove identities', async function () { + // Alice remove all identities const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = - (await removeIdentityList(context, context.defaultSigner[0], aesKey, true, [ + (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ twitterIdentity, ethereumIdentity, substrateIdentity, ])) as IdentityGenericEvent[]; - assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); - assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); - assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); - // Bob - // remove substrate identity again - const substrate_extension_identity_removed = await removeIdentity( + // Bob remove substrate identities + const [substrate_extension_identity_removed] = (await removeIdentities( context, context.defaultSigner[1], aesKey, true, - substrateExtensionIdentity - ); + [substrateExtensionIdentity] + )) as IdentityGenericEvent[]; + + //Alice + assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); + assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); + assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); + + // Bob assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); }); - step('remove error identity', async function () { + step('remove error identities', async function () { const error_identities = (await removeErrorIdentityList(context, context.defaultSigner[0], aesKey, true, [ twitterIdentity, ethereumIdentity, @@ -321,7 +322,6 @@ describeLitentry('Test Identity', (context) => { step('set error user shielding key', async function () { const result = await setErrorUserShieldingKey(context, context.defaultSigner[0], errorAseKey, true); - assert.equal( result, 'SetUserShieldingKeyHandlingFailed', From 7eafecfd85105a8d8d100939346cf0a3741f7ce0 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:05:54 +0800 Subject: [PATCH 05/24] delete useless code --- tee-worker/ts-tests/indirect_calls.ts | 52 --------------------------- 1 file changed, 52 deletions(-) diff --git a/tee-worker/ts-tests/indirect_calls.ts b/tee-worker/ts-tests/indirect_calls.ts index cad6a89c2b..05ee598b08 100644 --- a/tee-worker/ts-tests/indirect_calls.ts +++ b/tee-worker/ts-tests/indirect_calls.ts @@ -281,25 +281,7 @@ export async function verifyIdentities( } //vcManagement -export async function requestVC( - context: IntegrationTestContext, - signer: KeyringPair, - aesKey: HexString, - listening: boolean, - mrEnclave: HexString, - assertion: Assertion -): Promise { - const tx = context.substrate.tx.vcManagement.requestVc(mrEnclave, assertion); - await sendTxUntilInBlock(context.substrate, tx, signer); - if (listening) { - const events = await listenEvent(context.substrate, 'vcManagement', ['VCIssued']); - expect(events.length).to.be.equal(1); - const [account, index, vc] = events[0].data as any; - return [account.toHex(), index.toHex(), decryptWithAES(aesKey, vc, 'utf-8')]; - } - return undefined; -} export async function requestVCs( context: IntegrationTestContext, signer: KeyringPair, @@ -352,24 +334,7 @@ export async function requestVCs( } return undefined; } -export async function disableVC( - context: IntegrationTestContext, - signer: KeyringPair, - aesKey: HexString, - listening: boolean, - index: HexString -): Promise { - const tx = context.substrate.tx.vcManagement.disableVc(index); - await sendTxUntilInBlock(context.substrate, tx, signer); - if (listening) { - const events = await listenEvent(context.substrate, 'vcManagement', ['VCDisabled']); - expect(events.length).to.be.equal(1); - const data = events[0].data as any; - return data.index.toHex(); - } - return undefined; -} export async function disableVCs( context: IntegrationTestContext, signer: KeyringPair, @@ -399,24 +364,7 @@ export async function disableVCs( } return undefined; } -export async function revokeVC( - context: IntegrationTestContext, - signer: KeyringPair, - aesKey: HexString, - listening: boolean, - index: HexString -): Promise { - const tx = context.substrate.tx.vcManagement.revokeVc(index); - await sendTxUntilInBlock(context.substrate, tx, signer); - if (listening) { - const events = await listenEvent(context.substrate, 'vcManagement', ['VCRevoked']); - expect(events.length).to.be.equal(1); - const data = events[0].data as any; - return data.index.toHex(); - } - return undefined; -} export async function revokeVCs( context: IntegrationTestContext, signer: KeyringPair, From 820ac8af6fbf8f9c9d2a6be3fe553db26cf16c21 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:31:33 +0800 Subject: [PATCH 06/24] verify error identity --- tee-worker/ts-tests/identity.test.ts | 77 ++++++++++++++-------------- 1 file changed, 38 insertions(+), 39 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index a830b2b168..c0c5ad9d1b 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -1,14 +1,6 @@ import { describeLitentry, generateVerificationMessage } from './utils'; import { hexToU8a, u8aConcat, u8aToHex, u8aToU8a, stringToU8a } from '@polkadot/util'; -import { - createIdentity, - setUserShieldingKey, - removeIdentity, - verifyIdentity, - createIdentities, - verifyIdentities, - removeIdentities, -} from './indirect_calls'; +import { setUserShieldingKey, createIdentities, verifyIdentities, removeIdentities } from './indirect_calls'; import { step } from 'mocha-steps'; import { assert } from 'chai'; import { @@ -26,8 +18,8 @@ import { createErrorIdentity, removeErrorIdentity, setErrorUserShieldingKey, - verifyErrorIdentity, removeErrorIdentityList, + verifyErrorIdentities, } from './indirect_error_calls'; const twitterIdentity = { @@ -243,41 +235,48 @@ describeLitentry('Test Identity', (context) => { //Alice assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); + assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); //Bob assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); }); - // step('verify error identity', async function () { - // const twitter_identity_same_verified = await verifyErrorIdentity( - // context, - // context.defaultSigner[0], - // aesKey, - // true, - // twitterIdentity, - // twitterValidationData - // ); - // // console.log(twitter_identity_error_verified.toHuman()); - // assert.equal( - // twitter_identity_same_verified, - // 'code not found', - // 'verify twitter should fail with reason `code not found`' - // ); + step('verify error identity', async function () { + //https://github.com/litentry/litentry-parachain/issues/1374 + const resp_same_verify = (await verifyErrorIdentities( + context, + context.defaultSigner[0], + true, + [twitterIdentity, ethereumIdentity, substrateIdentity], + [twitterValidationData, ethereumValidationData, substrateValidationData] + )) as string[]; + + for (let k = 0; k < resp_same_verify.length; k++) { + const data = resp_same_verify[k]; + assert.equal( + data, + 'code not found', + 'verify same identities to one account should fail with reason `code not found`' + ); + } - // const ethereum_identity_not_exist_verified = await verifyErrorIdentity( - // context, - // context.defaultSigner[2], - // aesKey, - // true, - // ethereumIdentity, - // ethereumValidationData - // ); - // assert.equal( - // ethereum_identity_not_exist_verified, - // 'code not found', - // 'verify ethereum should fail with reason `code not found`' - // ); - // }); + const resp_not_exist_verify = (await verifyErrorIdentities( + context, + context.defaultSigner[2], + true, + [twitterIdentity, ethereumIdentity, substrateIdentity], + [twitterValidationData, ethereumValidationData, substrateValidationData] + )) as string[]; + + for (let l = 0; l < resp_not_exist_verify.length; l++) { + const data = resp_not_exist_verify[l]; + assert.equal( + data, + 'code not found', + 'verify nonexistent identity should fail with reason `code not found`' + ); + } + }); step('remove identities', async function () { // Alice remove all identities const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = From 6be62b88bad16b25be4caed0b9186b8466062260 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:46:56 +0800 Subject: [PATCH 07/24] create error identities --- tee-worker/ts-tests/identity.test.ts | 49 +++++++++++++++++++++------- 1 file changed, 38 insertions(+), 11 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index c0c5ad9d1b..081d4c8af2 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -15,7 +15,7 @@ import { ethers } from 'ethers'; import { HexString } from '@polkadot/util/types'; import { KeyringPair } from '@polkadot/keyring/types'; import { - createErrorIdentity, + createErrorIdentities, removeErrorIdentity, setErrorUserShieldingKey, removeErrorIdentityList, @@ -242,7 +242,7 @@ describeLitentry('Test Identity', (context) => { }); step('verify error identity', async function () { - //https://github.com/litentry/litentry-parachain/issues/1374 + // verify same identities to one account const resp_same_verify = (await verifyErrorIdentities( context, context.defaultSigner[0], @@ -260,6 +260,7 @@ describeLitentry('Test Identity', (context) => { ); } + //verify an identity to an account but it isn't created before const resp_not_exist_verify = (await verifyErrorIdentities( context, context.defaultSigner[2], @@ -305,12 +306,33 @@ describeLitentry('Test Identity', (context) => { }); step('remove error identities', async function () { - const error_identities = (await removeErrorIdentityList(context, context.defaultSigner[0], aesKey, true, [ - twitterIdentity, - ethereumIdentity, - substrateIdentity, - ])) as any; - error_identities.map((item: any) => { + //remove a nonexistent identity from an account + const resp_not_exist_identities = (await removeErrorIdentityList( + context, + context.defaultSigner[0], + aesKey, + true, + [twitterIdentity, ethereumIdentity, substrateIdentity] + )) as string[]; + + resp_not_exist_identities.map((item: any) => { + const result = item.toHuman().data.reason; + assert( + result.search('IdentityNotExist') !== -1, + 'remove twitter should fail with reason `IdentityNotExist`' + ); + }); + + //remove a challenge code before the code is set + const resp_not_created_identities = (await removeErrorIdentityList( + context, + context.defaultSigner[2], + aesKey, + true, + [twitterIdentity, ethereumIdentity, substrateIdentity] + )) as string[]; + + resp_not_created_identities.map((item: any) => { const result = item.toHuman().data.reason; assert( result.search('IdentityNotExist') !== -1, @@ -328,10 +350,15 @@ describeLitentry('Test Identity', (context) => { ); }); - step('create error identity', async function () { + step('create error identities', async function () { //The simulation generates the wrong Ciphertext - const result = await createErrorIdentity(context, context.defaultSigner[0], aesKey, true, errorCiphertext); - assert.equal(result, 'CreateIdentityHandlingFailed', 'result is not equal to CreateIdentityHandlingFailed'); + const resp_error_identities = (await createErrorIdentities(context, context.defaultSigner[0], aesKey, true, [ + errorCiphertext, + ])) as string[]; + for (let i = 0; i < resp_error_identities.length; i++) { + const result = resp_error_identities[i]; + assert.equal(result, 'CreateIdentityHandlingFailed', 'result is not equal to CreateIdentityHandlingFailed'); + } }); }); From c46db24c148644a47c34a2cdcfdf0e82a73dacae Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:48:31 +0800 Subject: [PATCH 08/24] delete useless code --- tee-worker/ts-tests/indirect_error_calls.ts | 148 ++++++++++++++------ 1 file changed, 102 insertions(+), 46 deletions(-) diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 5266e00548..068794ae9a 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -1,12 +1,7 @@ -import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock } from './utils'; +import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock, sendTxUntilInBlockList } from './utils'; import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; -import { - IdentityGenericEvent, - IntegrationTestContext, - LitentryIdentity, - LitentryValidationData, -} from './type-definitions'; +import { IntegrationTestContext, LitentryIdentity, LitentryValidationData } from './type-definitions'; import { expect } from 'chai'; export async function setErrorUserShieldingKey( @@ -30,63 +25,124 @@ export async function setErrorUserShieldingKey( return undefined; } -export async function createErrorIdentity( +export async function createErrorIdentities( context: IntegrationTestContext, signer: KeyringPair, aesKey: HexString, listening: boolean, - errorCiphertext: string -): Promise { - const tx = context.substrate.tx.identityManagement.createIdentity( - context.mrEnclave, - signer.address, - errorCiphertext, - null - ); + errorCiphertexts: string[] +): Promise { + let txs: any[] = []; + for (let k = 0; k < errorCiphertexts.length; k++) { + const errorCiphertext = errorCiphertexts[k]; + const tx = context.substrate.tx.identityManagement.createIdentity( + context.mrEnclave, + signer.address, + errorCiphertext, + null + ); - await sendTxUntilInBlock(context.substrate, tx, signer); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + k; + txs.push({ + txs, + nonce: newNonce, + }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); if (listening) { - const events = await listenEvent(context.substrate, 'identityManagement', ['CreateIdentityHandlingFailed']); - expect(events.length).to.be.equal(1); - return events[0].method as string; + const events = (await listenEvent(context.substrate, 'identityManagement', [ + 'CreateIdentityHandlingFailed', + ])) as any; + expect(events.length).to.be.equal(errorCiphertexts.length); + let results: string[] = []; + for (let i = 0; i < events.length; i++) { + results.push(events[i].method as string); + } + return [...results]; } return undefined; } -export async function verifyErrorIdentity( +export async function verifyErrorIdentities( + context: IntegrationTestContext, + signer: KeyringPair, + listening: boolean, + identities: LitentryIdentity[], + datas: LitentryValidationData[] +): Promise { + let txs: any = []; + for (let k = 0; k < identities.length; k++) { + let identity = identities[k]; + let data = datas[k]; + const identity_encode = context.substrate.createType('LitentryIdentity', identity).toHex(); + const validation_encode = context.substrate.createType('LitentryValidationData', data).toHex(); + const identity_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, identity_encode).toString( + 'hex' + ); + const validation_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, validation_encode).toString( + 'hex' + ); + + const tx = context.substrate.tx.identityManagement.verifyIdentity( + context.mrEnclave, + `0x${identity_ciphertext}`, + `0x${validation_ciphertext}` + ); + + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + k; + txs.push({ + tx, + nonce: newNonce, + }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + + if (listening) { + const events = (await listenEvent(context.substrate, 'identityManagement', ['StfError'])) as any; + expect(events.length).to.be.equal(identities.length); + let results: string[] = []; + for (let i = 0; i < events.length; i++) { + const data = events[i].data as any; + results.push(data.reason.toHuman()); + } + return [...results]; + } + return undefined; +} + +export async function removeErrorIdentities( context: IntegrationTestContext, signer: KeyringPair, aesKey: HexString, listening: boolean, - identity: LitentryIdentity, - data: LitentryValidationData -): Promise { - const identity_encode = context.substrate.createType('LitentryIdentity', identity).toHex(); - const validation_encode = context.substrate.createType('LitentryValidationData', data).toHex(); - const identity_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, identity_encode).toString('hex'); - const validation_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, validation_encode).toString( - 'hex' - ); - - const tx = context.substrate.tx.identityManagement.verifyIdentity( - context.mrEnclave, - `0x${identity_ciphertext}`, - `0x${validation_ciphertext}` - ); + identities: any[] +): Promise { + let txs: any = []; + for (let index = 0; index < identities.length; index++) { + const identity = identities[index]; + const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); + const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); + const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + index; - await sendTxUntilInBlock(context.substrate, tx, signer); + txs.push({ + tx, + nonce: newNonce, + }); + } + + sendTxUntilInBlockList(context.substrate, txs, signer); if (listening) { - const events = await listenEvent(context.substrate, 'identityManagement', ['IdentityAlreadyVerified']); - expect(events.length).to.be.equal(1); - const data = events[0].data as any; - // return decodeIdentityEvent( - // context.substrate, - // data.account.toHex(), - // decryptWithAES(aesKey, data.identity, 'hex'), - // decryptWithAES(aesKey, data.idGraph, 'hex') - // ); + const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); + expect(events.length).to.be.equal(identities.length); + return events; } return undefined; } From 8013596768b738a5410e0049cc61bcf95a9c4dca Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:49:25 +0800 Subject: [PATCH 09/24] delete useless code --- tee-worker/ts-tests/indirect_calls.ts | 98 --------------------------- 1 file changed, 98 deletions(-) diff --git a/tee-worker/ts-tests/indirect_calls.ts b/tee-worker/ts-tests/indirect_calls.ts index 05ee598b08..8f9bcbc4c1 100644 --- a/tee-worker/ts-tests/indirect_calls.ts +++ b/tee-worker/ts-tests/indirect_calls.ts @@ -37,39 +37,6 @@ export async function setUserShieldingKey( return undefined; } -export async function createIdentity( - context: IntegrationTestContext, - signer: KeyringPair, - aesKey: HexString, - listening: boolean, - identity: LitentryIdentity -): Promise { - const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); - const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); - - const tx = context.substrate.tx.identityManagement.createIdentity( - context.mrEnclave, - signer.address, - `0x${ciphertext}`, - null - ); - - await sendTxUntilInBlock(context.substrate, tx, signer); - - if (listening) { - const events = await listenEvent(context.substrate, 'identityManagement', ['IdentityCreated']); - expect(events.length).to.be.equal(1); - const data = events[0].data as any; - return decodeIdentityEvent( - context.substrate, - data.account.toHex(), - decryptWithAES(aesKey, data.identity, 'hex'), - decryptWithAES(aesKey, data.idGraph, 'hex'), - decryptWithAES(aesKey, data.code, 'hex') - ); - } - return undefined; -} export async function createIdentities( context: IntegrationTestContext, signer: KeyringPair, @@ -116,33 +83,6 @@ export async function createIdentities( } return undefined; } -export async function removeIdentity( - context: IntegrationTestContext, - signer: KeyringPair, - aesKey: HexString, - listening: boolean, - identity: LitentryIdentity -): Promise { - const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); - const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); - - const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); - - await sendTxUntilInBlock(context.substrate, tx, signer); - - if (listening) { - const events = await listenEvent(context.substrate, 'identityManagement', ['IdentityRemoved']); - expect(events.length).to.be.equal(1); - const data = events[0].data as any; - return decodeIdentityEvent( - context.substrate, - data.account.toHex(), - decryptWithAES(aesKey, data.identity, 'hex'), - decryptWithAES(aesKey, data.idGraph, 'hex') - ); - } - return undefined; -} export async function removeIdentities( context: IntegrationTestContext, signer: KeyringPair, @@ -183,42 +123,6 @@ export async function removeIdentities( } return undefined; } -export async function verifyIdentity( - context: IntegrationTestContext, - signer: KeyringPair, - aesKey: HexString, - listening: boolean, - identity: LitentryIdentity, - data: LitentryValidationData -): Promise { - const identity_encode = context.substrate.createType('LitentryIdentity', identity).toHex(); - const validation_encode = context.substrate.createType('LitentryValidationData', data).toHex(); - const identity_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, identity_encode).toString('hex'); - const validation_ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, validation_encode).toString( - 'hex' - ); - - const tx = context.substrate.tx.identityManagement.verifyIdentity( - context.mrEnclave, - `0x${identity_ciphertext}`, - `0x${validation_ciphertext}` - ); - - await sendTxUntilInBlock(context.substrate, tx, signer); - - if (listening) { - const events = await listenEvent(context.substrate, 'identityManagement', ['IdentityVerified']); - expect(events.length).to.be.equal(1); - const data = events[0].data as any; - return decodeIdentityEvent( - context.substrate, - data.account.toHex(), - decryptWithAES(aesKey, data.identity, 'hex'), - decryptWithAES(aesKey, data.idGraph, 'hex') - ); - } - return undefined; -} export async function verifyIdentities( context: IntegrationTestContext, @@ -329,8 +233,6 @@ export async function requestVCs( }); } return [...results]; - // const [account, index, vc] = events[0].data as any; - // return [account.toHex(), index.toHex(), decryptWithAES(aesKey, vc, 'utf-8')]; } return undefined; } From 8e55e0d6311a7afbd184254bf227a4122d1a4bf2 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 17:50:20 +0800 Subject: [PATCH 10/24] add comment&delete useless code --- tee-worker/ts-tests/identity.test.ts | 7 +++---- tee-worker/ts-tests/vc.test.ts | 11 ++--------- 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 081d4c8af2..b0d654734f 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -16,9 +16,8 @@ import { HexString } from '@polkadot/util/types'; import { KeyringPair } from '@polkadot/keyring/types'; import { createErrorIdentities, - removeErrorIdentity, setErrorUserShieldingKey, - removeErrorIdentityList, + removeErrorIdentities, verifyErrorIdentities, } from './indirect_error_calls'; @@ -307,7 +306,7 @@ describeLitentry('Test Identity', (context) => { step('remove error identities', async function () { //remove a nonexistent identity from an account - const resp_not_exist_identities = (await removeErrorIdentityList( + const resp_not_exist_identities = (await removeErrorIdentities( context, context.defaultSigner[0], aesKey, @@ -324,7 +323,7 @@ describeLitentry('Test Identity', (context) => { }); //remove a challenge code before the code is set - const resp_not_created_identities = (await removeErrorIdentityList( + const resp_not_created_identities = (await removeErrorIdentities( context, context.defaultSigner[2], aesKey, diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 83d419a22f..09cee8fd5a 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -1,14 +1,6 @@ import { describeLitentry, checkVc, checkIssuerAttestation } from './utils'; import { step } from 'mocha-steps'; -import { - requestVC, - setUserShieldingKey, - disableVC, - revokeVC, - requestVCs, - disableVCs, - revokeVCs, -} from './indirect_calls'; +import { setUserShieldingKey, requestVCs, disableVCs, revokeVCs } from './indirect_calls'; import { Assertion } from './type-definitions'; import { assert } from 'chai'; import { u8aToHex, stringToU8a, stringToHex } from '@polkadot/util'; @@ -34,6 +26,7 @@ describeLitentry('VC test', async (context) => { assert.equal(who, u8aToHex(context.defaultSigner[0].addressRaw), 'check caller error'); }); step('Request VC', async () => { + // request all vc const res = (await requestVCs( context, context.defaultSigner[0], From 363bad8cc361f8b726fdbc88d134a01bf3211a0b Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 18:03:17 +0800 Subject: [PATCH 11/24] format code --- tee-worker/ts-tests/identity.test.ts | 2 +- tee-worker/ts-tests/indirect_error_calls.ts | 3 +-- tee-worker/ts-tests/vc.test.ts | 3 +-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index b0d654734f..6e98fce9cd 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -351,7 +351,7 @@ describeLitentry('Test Identity', (context) => { step('create error identities', async function () { //The simulation generates the wrong Ciphertext - const resp_error_identities = (await createErrorIdentities(context, context.defaultSigner[0], aesKey, true, [ + const resp_error_identities = (await createErrorIdentities(context, context.defaultSigner[0], true, [ errorCiphertext, ])) as string[]; for (let i = 0; i < resp_error_identities.length; i++) { diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 068794ae9a..54d9a8a68a 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -28,7 +28,6 @@ export async function setErrorUserShieldingKey( export async function createErrorIdentities( context: IntegrationTestContext, signer: KeyringPair, - aesKey: HexString, listening: boolean, errorCiphertexts: string[] ): Promise { @@ -45,7 +44,7 @@ export async function createErrorIdentities( const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + k; txs.push({ - txs, + tx, nonce: newNonce, }); } diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 09cee8fd5a..6b41a94e59 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -3,10 +3,9 @@ import { step } from 'mocha-steps'; import { setUserShieldingKey, requestVCs, disableVCs, revokeVCs } from './indirect_calls'; import { Assertion } from './type-definitions'; import { assert } from 'chai'; -import { u8aToHex, stringToU8a, stringToHex } from '@polkadot/util'; +import { u8aToHex } from '@polkadot/util'; import { HexString } from '@polkadot/util/types'; import { blake2AsHex } from '@polkadot/util-crypto'; -const base58 = require('micro-base58'); const assertion = { A1: 'A1', From 8c5da1ce40155004100c0d012aea46c5b808dea5 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 8 Mar 2023 19:26:30 +0800 Subject: [PATCH 12/24] txs types --- tee-worker/ts-tests/identity.test.ts | 26 +++++++++------------ tee-worker/ts-tests/indirect_calls.ts | 13 ++++++----- tee-worker/ts-tests/indirect_error_calls.ts | 14 +++++++---- tee-worker/ts-tests/type-definitions.ts | 6 +++++ tee-worker/ts-tests/utils.ts | 21 +++++------------ 5 files changed, 39 insertions(+), 41 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 6e98fce9cd..35b6ad2a91 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -240,7 +240,7 @@ describeLitentry('Test Identity', (context) => { assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); }); - step('verify error identity', async function () { + step('verify error identities', async function () { // verify same identities to one account const resp_same_verify = (await verifyErrorIdentities( context, @@ -306,13 +306,11 @@ describeLitentry('Test Identity', (context) => { step('remove error identities', async function () { //remove a nonexistent identity from an account - const resp_not_exist_identities = (await removeErrorIdentities( - context, - context.defaultSigner[0], - aesKey, - true, - [twitterIdentity, ethereumIdentity, substrateIdentity] - )) as string[]; + const resp_not_exist_identities = (await removeErrorIdentities(context, context.defaultSigner[0], true, [ + twitterIdentity, + ethereumIdentity, + substrateIdentity, + ])) as string[]; resp_not_exist_identities.map((item: any) => { const result = item.toHuman().data.reason; @@ -323,13 +321,11 @@ describeLitentry('Test Identity', (context) => { }); //remove a challenge code before the code is set - const resp_not_created_identities = (await removeErrorIdentities( - context, - context.defaultSigner[2], - aesKey, - true, - [twitterIdentity, ethereumIdentity, substrateIdentity] - )) as string[]; + const resp_not_created_identities = (await removeErrorIdentities(context, context.defaultSigner[2], true, [ + twitterIdentity, + ethereumIdentity, + substrateIdentity, + ])) as string[]; resp_not_created_identities.map((item: any) => { const result = item.toHuman().data.reason; diff --git a/tee-worker/ts-tests/indirect_calls.ts b/tee-worker/ts-tests/indirect_calls.ts index 8f9bcbc4c1..b7eeaeeff3 100644 --- a/tee-worker/ts-tests/indirect_calls.ts +++ b/tee-worker/ts-tests/indirect_calls.ts @@ -4,6 +4,7 @@ import { LitentryIdentity, LitentryValidationData, Assertion, + TransactionSubmit, } from './type-definitions'; import { decryptWithAES, @@ -44,7 +45,7 @@ export async function createIdentities( listening: boolean, identities: LitentryIdentity[] ): Promise { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; for (let index = 0; index < identities.length; index++) { const identity = identities[index]; const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); @@ -90,7 +91,7 @@ export async function removeIdentities( listening: boolean, identity: LitentryIdentity[] ): Promise { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; for (let index = 0; index < identity.length; index++) { const encode = context.substrate.createType('LitentryIdentity', identity[index]).toHex(); const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); @@ -132,7 +133,7 @@ export async function verifyIdentities( identities: LitentryIdentity[], datas: LitentryValidationData[] ): Promise { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; for (let index = 0; index < identities.length; index++) { let identity = identities[index]; @@ -201,7 +202,7 @@ export async function requestVCs( }[] | undefined > { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; let len = 0; for (const key in assertion) { @@ -244,7 +245,7 @@ export async function disableVCs( listening: boolean, indexList: HexString[] ): Promise { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; for (let k = 0; k < indexList.length; k++) { const tx = context.substrate.tx.vcManagement.disableVc(indexList[k]); @@ -274,7 +275,7 @@ export async function revokeVCs( listening: boolean, indexList: HexString[] ): Promise { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; for (let k = 0; k < indexList.length; k++) { const tx = context.substrate.tx.vcManagement.revokeVc(indexList[k]); const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 54d9a8a68a..069b3be6cc 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -1,7 +1,12 @@ import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock, sendTxUntilInBlockList } from './utils'; import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; -import { IntegrationTestContext, LitentryIdentity, LitentryValidationData } from './type-definitions'; +import { + IntegrationTestContext, + LitentryIdentity, + LitentryValidationData, + TransactionSubmit, +} from './type-definitions'; import { expect } from 'chai'; export async function setErrorUserShieldingKey( @@ -31,7 +36,7 @@ export async function createErrorIdentities( listening: boolean, errorCiphertexts: string[] ): Promise { - let txs: any[] = []; + let txs: TransactionSubmit[] = []; for (let k = 0; k < errorCiphertexts.length; k++) { const errorCiphertext = errorCiphertexts[k]; const tx = context.substrate.tx.identityManagement.createIdentity( @@ -72,7 +77,7 @@ export async function verifyErrorIdentities( identities: LitentryIdentity[], datas: LitentryValidationData[] ): Promise { - let txs: any = []; + let txs: TransactionSubmit[] = []; for (let k = 0; k < identities.length; k++) { let identity = identities[k]; let data = datas[k]; @@ -117,11 +122,10 @@ export async function verifyErrorIdentities( export async function removeErrorIdentities( context: IntegrationTestContext, signer: KeyringPair, - aesKey: HexString, listening: boolean, identities: any[] ): Promise { - let txs: any = []; + let txs: TransactionSubmit[] = []; for (let index = 0; index < identities.length; index++) { const identity = identities[index]; const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); diff --git a/tee-worker/ts-tests/type-definitions.ts b/tee-worker/ts-tests/type-definitions.ts index 4d65fa407e..c7d1294002 100644 --- a/tee-worker/ts-tests/type-definitions.ts +++ b/tee-worker/ts-tests/type-definitions.ts @@ -3,6 +3,7 @@ import { KeyObject } from 'crypto'; import { HexString } from '@polkadot/util/types'; import WebSocketAsPromised = require('websocket-as-promised'); import { KeyringPair } from '@polkadot/keyring/types'; +import { ApiTypes, SubmittableExtrinsic } from '@polkadot/api/types'; export const teeTypes = { WorkerRpcReturnString: { @@ -309,3 +310,8 @@ export type Assertion = { A10?: [number]; A11?: [number]; }; + +export type TransactionSubmit = { + tx: SubmittableExtrinsic; + nonce: number; +}; diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index dbd0e28bba..92cc8f8c50 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -2,24 +2,22 @@ import './config'; import WebSocketAsPromised from 'websocket-as-promised'; import WebSocket from 'ws'; import Options from 'websocket-as-promised/types/options'; -import { ApiPromise, Keyring, WsProvider } from '@polkadot/api'; -import { StorageKey, Vec } from '@polkadot/types'; +import { ApiPromise, WsProvider } from '@polkadot/api'; import { AESOutput, EnclaveResult, IntegrationTestContext, LitentryIdentity, - PubicKeyJson, teeTypes, - WorkerRpcReturnString, WorkerRpcReturnValue, + TransactionSubmit, } from './type-definitions'; -import { blake2AsHex, cryptoWaitReady, signatureVerify } from '@polkadot/util-crypto'; +import { blake2AsHex, cryptoWaitReady } from '@polkadot/util-crypto'; +import { ApiTypes, SubmittableExtrinsic } from '@polkadot/api/types'; import { KeyringPair } from '@polkadot/keyring/types'; import { Codec } from '@polkadot/types/types'; -import { ApiTypes, SubmittableExtrinsic } from '@polkadot/api/types'; import { HexString } from '@polkadot/util/types'; -import { hexToU8a, u8aToHex, stringToU8a, stringToHex, u8aToU8a } from '@polkadot/util'; +import { hexToU8a, u8aToHex, stringToU8a } from '@polkadot/util'; import { KeyObject } from 'crypto'; import { Event, EventRecord } from '@polkadot/types/interfaces'; import { after, before, describe } from 'mocha'; @@ -120,14 +118,7 @@ export async function sendTxUntilInBlock(api: ApiPromise, tx: SubmittableExtrins }); } -export async function sendTxUntilInBlockList( - api: ApiPromise, - txs: { - tx: SubmittableExtrinsic; - nonce: string; - }[], - signer: KeyringPair -) { +export async function sendTxUntilInBlockList(api: ApiPromise, txs: TransactionSubmit[], signer: KeyringPair) { return new Promise<{ block: string; }>(async (resolve, reject) => { From e092369a73c4dd4c345a0b1b717a7280c642ba58 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Mon, 13 Mar 2023 15:01:15 +0800 Subject: [PATCH 13/24] step error vc --- tee-worker/ts-tests/indirect_error_calls.ts | 66 +++++++++++++++++++++ tee-worker/ts-tests/vc.test.ts | 34 +++++++++++ 2 files changed, 100 insertions(+) diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 069b3be6cc..fbae2f8647 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -2,6 +2,7 @@ import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock, sendTxUnti import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; import { + Assertion, IntegrationTestContext, LitentryIdentity, LitentryValidationData, @@ -149,3 +150,68 @@ export async function removeErrorIdentities( } return undefined; } + +export async function requesErrortVCs( + context: IntegrationTestContext, + signer: KeyringPair, + listening: boolean, + mrEnclave: HexString, + assertion: Assertion +): Promise { + let txs: TransactionSubmit[] = []; + let len = 0; + + for (const key in assertion) { + len++; + const tx = context.substrate.tx.vcManagement.requestVc(mrEnclave, { + [key]: assertion[key as keyof Assertion], + }); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + + let newNonce = nonce.toNumber() + (len - 1); + txs.push({ tx, nonce: newNonce }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + if (listening) { + const events = (await listenEvent(context.substrate, 'vcManagement', ['StfError'])) as any; + expect(events.length).to.be.equal(len); + + let results: string[] = []; + for (let k = 0; k < events.length; k++) { + results.push(events[k].data.reason.toHuman()); + } + return [...results]; + } + return undefined; +} +export async function disableErrorVCs( + context: IntegrationTestContext, + signer: KeyringPair, + listening: boolean, + indexList: HexString[] +): Promise { + let txs: TransactionSubmit[] = []; + + for (let k = 0; k < indexList.length; k++) { + const tx = context.substrate.tx.vcManagement.disableVc(indexList[k]); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + k; + txs.push({ tx, nonce: newNonce }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + if (listening) { + const events = (await listenEvent(context.substrate, 'vcManagement', ['VCDisabled'])) as any; + expect(events.length).to.be.equal(indexList.length); + let results: HexString[] = []; + for (let m = 0; m < events.length; m++) { + console.log(999, events[m].data); + + results.push(events[m].data.index.toHex()); + } + + return [...results]; + } + return undefined; +} diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 6b41a94e59..d7837c303c 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -6,6 +6,7 @@ import { assert } from 'chai'; import { u8aToHex } from '@polkadot/util'; import { HexString } from '@polkadot/util/types'; import { blake2AsHex } from '@polkadot/util-crypto'; +import { disableErrorVCs, requesErrortVCs } from './indirect_error_calls'; const assertion = { A1: 'A1', @@ -58,6 +59,30 @@ describeLitentry('VC test', async (context) => { } }); + step('Request Error VC', async () => { + //Bob don't have shielding key + const resp_not_set_shieldingkey = (await requesErrortVCs( + context, + context.defaultSigner[1], + true, + context.mrEnclave, + assertion + )) as string[]; + + for (let index = 0; index < resp_not_set_shieldingkey.length; index++) { + const data = resp_not_set_shieldingkey[index]; + assert.equal(data, 'AssertionBuildFail', 'requestVc should fail with AssertionBuildFail'); + } + }); + + step('Disable VC', async () => { + const res = (await disableVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; + for (let k = 0; k < res.length; k++) { + assert.equal(res[k], indexList[k], 'check index error'); + const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; + assert.equal(registry.toHuman()!['status'], 'Disabled'); + } + }); step('Disable VC', async () => { const res = (await disableVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; for (let k = 0; k < res.length; k++) { @@ -66,6 +91,15 @@ describeLitentry('VC test', async (context) => { assert.equal(registry.toHuman()!['status'], 'Disabled'); } }); + // step('Disable error VC', async () => { + // //Bob dont't request VC before + // const res = (await disableErrorVCs(context, context.defaultSigner[0], true, indexList)) as HexString[]; + // for (let k = 0; k < res.length; k++) { + // assert.equal(res[k], indexList[k], 'check index error'); + // const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; + // assert.equal(registry.toHuman()!['status'], 'Disabled'); + // } + // }); step('Revoke VC', async () => { const res = (await revokeVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; From 11f48cda4db9ae6236d0881df297e040dbf1f169 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 15 Mar 2023 15:23:48 +0800 Subject: [PATCH 14/24] catch dispatchError --- tee-worker/ts-tests/indirect_error_calls.ts | 32 +++++- tee-worker/ts-tests/utils.ts | 116 +++++++------------- tee-worker/ts-tests/vc.test.ts | 16 +-- 3 files changed, 80 insertions(+), 84 deletions(-) diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index fbae2f8647..f7b2ba335e 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -206,8 +206,6 @@ export async function disableErrorVCs( expect(events.length).to.be.equal(indexList.length); let results: HexString[] = []; for (let m = 0; m < events.length; m++) { - console.log(999, events[m].data); - results.push(events[m].data.index.toHex()); } @@ -215,3 +213,33 @@ export async function disableErrorVCs( } return undefined; } +export async function revokeErrorVCs( + context: IntegrationTestContext, + signer: KeyringPair, + listening: boolean, + indexList: HexString[] +): Promise { + let txs: TransactionSubmit[] = []; + + for (let k = 0; k < indexList.length; k++) { + const tx = context.substrate.tx.vcManagement.revokeVc(indexList[k]); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + let newNonce = nonce.toNumber() + k; + txs.push({ tx, nonce: newNonce }); + } + + const res = await sendTxUntilInBlockList(context.substrate, txs, signer); + console.log(1111, res); + + // if (listening) { + // const events = (await listenEvent(context.substrate, 'vcManagement', ['VCDisabled'])) as any; + // expect(events.length).to.be.equal(indexList.length); + // let results: HexString[] = []; + // for (let m = 0; m < events.length; m++) { + // results.push(events[m].data.index.toHex()); + // } + + // return [...results]; + // } + return undefined; +} diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index 92cc8f8c50..89f70f4a2b 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -119,25 +119,37 @@ export async function sendTxUntilInBlock(api: ApiPromise, tx: SubmittableExtrins } export async function sendTxUntilInBlockList(api: ApiPromise, txs: TransactionSubmit[], signer: KeyringPair) { - return new Promise<{ - block: string; - }>(async (resolve, reject) => { - await Promise.all( - txs.map(async ({ tx, nonce }) => { - // await tx.paymentInfo(signer); + return Promise.all( + txs.map(async ({ tx, nonce }) => { + const result = await new Promise((resolve, reject) => { tx.signAndSend(signer, { nonce }, (result) => { if (result.status.isInBlock) { - console.log(`Transaction included at blockHash ${result.status.asInBlock}`); - resolve({ - block: result.status.asInBlock.toString(), - }); + //catch error + if (result.dispatchError) { + if (result.dispatchError.isModule) { + const decoded = api.registry.findMetaError(result.dispatchError.asModule); + const { docs, name, section } = decoded; + + console.log(`${section}.${name}: ${docs.join(' ')}`); + resolve(`${section}.${name}`); + } else { + console.log(result.dispatchError.toString()); + resolve(result.dispatchError.toString()); + } + } else { + console.log(`Transaction included at blockHash ${result.status.asInBlock}`); + resolve({ + block: result.status.asInBlock.toString(), + }); + } } else if (result.status.isInvalid) { reject(`Transaction is ${result.status}`); } }); - }) - ); - }); + }); + return result; + }) + ); } // Subscribe to the chain until we get the first specified event with given `section` and `methods`. @@ -331,88 +343,42 @@ export async function getEnclave(api: ApiPromise): Promise<{ }; } -export async function verifySignature(data: string, index: HexString, signature: string, api: ApiPromise) { +export async function verifySignature(data: any, index: HexString, proofJson: any, api: ApiPromise) { const count = await api.query.teerex.enclaveCount(); const res = (await api.query.teerex.enclaveRegistry(count)).toHuman() as EnclaveResult; + //check vc index + expect(index).to.be.eq(data.id); - //JSON data types cannot be verify signature - // @TODO rust needs to modify the vc format - const message = JSON.parse(data); + const signature = Buffer.from(hexToU8a(`0x${proofJson.proofValue}`)); + const message = Buffer.from(JSON.stringify(data)); + const vcPubkey = Buffer.from(hexToU8a(`${res.vcPubkey}`)); - //check vc index - expect(index).to.be.eq(message.id); - message.proof = null; - const isValid = await ed.verify( - Buffer.from(hexToU8a(`0x${signature}`)), - Buffer.from(stringToU8a(JSON.stringify(message))), - Buffer.from(hexToU8a(`${res.vcPubkey}`)) - ); + const isValid = await ed.verify(signature, message, vcPubkey); - //just for CI pass - expect(!isValid).to.be.true; + expect(isValid).to.be.true; return true; } -export async function checkVc(vc: string, index: HexString, api: ApiPromise): Promise { - const vcObj = JSON.parse(vc); - - console.log('----------vc json----------', vcObj); - - const signatureValid = await verifySignature(vc, index, vcObj.proof.proofValue, api); +export async function checkVc(vcObj: any, index: HexString, proof: any, api: ApiPromise): Promise { + const signatureValid = await verifySignature(vcObj, index, proof, api); expect(signatureValid).to.be.true; - const jsonValid = await checkJSON(vc); + + const jsonValid = await checkJSON(vcObj, proof); expect(jsonValid).to.be.true; return true; } //Check VC json fields -export async function checkJSON(data: string): Promise { - const vc = JSON.parse(data); - const vcStatus = ['@context', 'type', 'credentialSubject', 'proof', 'issuer'].every( +export async function checkJSON(vc: any, proofJson: any): Promise { + const vcStatus = ['@context', 'type', 'credentialSubject', 'issuer'].every( (key) => vc.hasOwnProperty(key) && (vc[key] != '{}' || vc[key] !== '[]' || vc[key] !== null || vc[key] !== undefined) ); expect(vcStatus).to.be.true; expect( vc.type[0] === 'VerifiableCredential' && - vc.proof.type === 'Ed25519Signature2020' && - vc.issuer.id === vc.proof.verificationMethod + vc.issuer.id === proofJson.verificationMethod && + proofJson.type === 'Ed25519Signature2020' ).to.be.true; return true; } - -export async function checkIssuerAttestation(data: string, api: ApiPromise): Promise { - const vc = JSON.parse(data); - const mrEnclaveFromVC = Buffer.from(base58.decode(vc.issuer.mrenclave)).toString('hex'); - const count = await api.query.teerex.enclaveCount(); - const res = (await api.query.teerex.enclaveRegistry(count)).toHuman() as EnclaveResult; - const mrEnclaveFromParachain = res.mrEnclave; - expect(`0x${mrEnclaveFromVC}`).to.be.equal(mrEnclaveFromParachain); - - //https://github.com/litentry/litentry-parachain/pull/1369 need to be merged - const metadata = res.sgxMetadata as any; - console.log(' [IssuerAttestation] metadata: ', metadata); - if (metadata != null) { - const quoteFromData = metadata!['quote']; - console.log(' [IssuerAttestation] quoteFromData: ', quoteFromData); - if (quoteFromData.length == 0) { - return; - } - const quote = JSON.parse(Base64.decode(quoteFromData)); - const status = quote!['isvEnclaveQuoteStatus']; - - // 1. Verify quote status (mandatory field) - console.log('[IssuerAttestation] ISV Enclave Quote Status: ', status); - - // 2. Verify quote body - const quoteBody = quote!['isvEnclaveQuoteBody']; - const sgxQuote = JSON.parse(Base64.decode(quoteBody)); - console.log('[IssuerAttestation] sgxQuote: ', sgxQuote); - - // 3. Check timestamp is within 24H (90day is recommended by Intel) - const timestamp = Date.parse(quote!['timestamp']); - const now = Date.now(); - const dt = now - timestamp; - console.log('[IssuerAttestation] ISV Enclave Quote Delta Time: ', dt); - } -} diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index d7837c303c..d76da1d4a0 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -1,4 +1,4 @@ -import { describeLitentry, checkVc, checkIssuerAttestation } from './utils'; +import { describeLitentry, checkVc } from './utils'; import { step } from 'mocha-steps'; import { setUserShieldingKey, requestVCs, disableVCs, revokeVCs } from './indirect_calls'; import { Assertion } from './type-definitions'; @@ -42,20 +42,22 @@ describeLitentry('VC test', async (context) => { for (let k = 0; k < res.length; k++) { const vcString = res[k].vc.replace('0x', ''); - const vcBlake2Hash = blake2AsHex(vcString); + const vcObj = JSON.parse(vcString); + + console.log('----------vc json-------------', vcObj); + + const vcProof = vcObj.proof; const registry = (await context.substrate.query.vcManagement.vcRegistry(res[k].index)) as any; assert.equal(registry.toHuman()!['status'], 'Active', 'check registry error'); - assert.equal(vcBlake2Hash, registry.toHuman()!['hash_'], 'check vc json hash error'); + const vcHash = blake2AsHex(Buffer.from(vcString)); + assert.equal(vcHash, registry.toHuman()!['hash_'], 'check vc json hash error'); //check vc - const vcValid = await checkVc(vcString, res[k].index, context.substrate); + const vcValid = await checkVc(vcObj, res[k].index, vcProof, context.substrate); assert.equal(vcValid, true, 'check vc error'); indexList.push(res[k].index); - - //check issuer attestation - await checkIssuerAttestation(vcString, context.substrate); } }); From 8b4f9d1f93fca10458233f006ab03b43df24e1b8 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 15 Mar 2023 15:53:17 +0800 Subject: [PATCH 15/24] revoke error test --- tee-worker/ts-tests/identity.test.ts | 22 +++++---- tee-worker/ts-tests/indirect_error_calls.ts | 29 ++---------- tee-worker/ts-tests/utils.ts | 51 ++++++++++++--------- tee-worker/ts-tests/vc.test.ts | 32 +++++++++---- 4 files changed, 69 insertions(+), 65 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 4bf0e90a77..7b8636ce45 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -1,4 +1,10 @@ -import { describeLitentry, encryptWithTeeShieldingKey, generateVerificationMessage, listenEvent, sendTxUntilInBlock } from './utils'; +import { + describeLitentry, + encryptWithTeeShieldingKey, + generateVerificationMessage, + listenEvent, + sendTxUntilInBlock, +} from './utils'; import { hexToU8a, u8aConcat, u8aToHex, u8aToU8a, stringToU8a } from '@polkadot/util'; import { setUserShieldingKey, @@ -309,7 +315,9 @@ describeLitentry('Test Identity', (context) => { step('remove prime identity NOT allowed', async function () { // create substrate identity - const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [substrateIdentity])) as IdentityGenericEvent[]; + const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [ + substrateIdentity, + ])) as IdentityGenericEvent[]; assertIdentityCreated(context.defaultSigner[0], resp_substrate); if (resp_substrate) { @@ -329,13 +337,9 @@ describeLitentry('Test Identity', (context) => { } // remove substrate identity - const [substrate_identity_removed] = (await removeIdentities( - context, - context.defaultSigner[1], - aesKey, - true, - [substrateIdentity] - )) as IdentityGenericEvent[]; + const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[1], aesKey, true, [ + substrateIdentity, + ])) as IdentityGenericEvent[]; assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); // remove prime identity diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 797f0591c3..9d3e85ed33 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -147,18 +147,6 @@ export async function removeErrorIdentities( expect(events.length).to.be.equal(identities.length); return events; } - - await sendTxUntilInBlockList(context.substrate, txs, signer); - if (listening) { - const events = (await listenEvent(context.substrate, 'vcManagement', ['StfError'])) as any; - expect(events.length).to.be.equal(len); - - let results: string[] = []; - for (let k = 0; k < events.length; k++) { - results.push(events[k].data.reason.toHuman()); - } - return [...results]; - } return undefined; } export async function disableErrorVCs( @@ -194,7 +182,7 @@ export async function revokeErrorVCs( signer: KeyringPair, listening: boolean, indexList: HexString[] -): Promise { +): Promise { let txs: TransactionSubmit[] = []; for (let k = 0; k < indexList.length; k++) { @@ -204,18 +192,7 @@ export async function revokeErrorVCs( txs.push({ tx, nonce: newNonce }); } - const res = await sendTxUntilInBlockList(context.substrate, txs, signer); - console.log(1111, res); - - // if (listening) { - // const events = (await listenEvent(context.substrate, 'vcManagement', ['VCDisabled'])) as any; - // expect(events.length).to.be.equal(indexList.length); - // let results: HexString[] = []; - // for (let m = 0; m < events.length; m++) { - // results.push(events[m].data.index.toHex()); - // } + const res = (await sendTxUntilInBlockList(context.substrate, txs, signer)) as string[]; - // return [...results]; - // } - return undefined; + return res.length ? res : undefined; } diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index a10dbc59d5..afd03c4a7c 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -11,7 +11,6 @@ import { teeTypes, WorkerRpcReturnValue, TransactionSubmit, - JsonSchema, } from './type-definitions'; import { blake2AsHex, cryptoWaitReady } from '@polkadot/util-crypto'; import { ApiTypes, SubmittableExtrinsic } from '@polkadot/api/types'; @@ -27,7 +26,6 @@ import { ethers } from 'ethers'; import { generateTestKeys } from './web3/functions'; import { expect } from 'chai'; import { Base64 } from 'js-base64'; -import Ajv from 'ajv'; import * as ed from '@noble/ed25519'; const base58 = require('micro-base58'); const crypto = require('crypto'); @@ -121,25 +119,37 @@ export async function sendTxUntilInBlock(api: ApiPromise, tx: SubmittableExtrins } export async function sendTxUntilInBlockList(api: ApiPromise, txs: TransactionSubmit[], signer: KeyringPair) { - return new Promise<{ - block: string; - }>(async (resolve, reject) => { - await Promise.all( - txs.map(async ({ tx, nonce }) => { - // await tx.paymentInfo(signer); + return Promise.all( + txs.map(async ({ tx, nonce }) => { + const result = await new Promise((resolve, reject) => { tx.signAndSend(signer, { nonce }, (result) => { if (result.status.isInBlock) { - console.log(`Transaction included at blockHash ${result.status.asInBlock}`); - resolve({ - block: result.status.asInBlock.toString(), - }); + //catch error + if (result.dispatchError) { + if (result.dispatchError.isModule) { + const decoded = api.registry.findMetaError(result.dispatchError.asModule); + const { docs, name, section } = decoded; + + console.log(`${section}.${name}: ${docs.join(' ')}`); + resolve(`${section}.${name}`); + } else { + console.log(result.dispatchError.toString()); + resolve(result.dispatchError.toString()); + } + } else { + console.log(`Transaction included at blockHash ${result.status.asInBlock}`); + resolve({ + block: result.status.asInBlock.toString(), + }); + } } else if (result.status.isInvalid) { reject(`Transaction is ${result.status}`); } }); - }) - ); - }); + }); + return result; + }) + ); } // Subscribe to the chain until we get the first specified event with given `section` and `methods`. @@ -362,12 +372,11 @@ export async function checkVc(vcObj: any, index: HexString, proof: any, api: Api //Check VC json fields export async function checkJSON(vc: any, proofJson: any): Promise { - //check JsonSchema - const ajv = new Ajv(); - const validate = ajv.compile(JsonSchema); - const isValid = validate(vc); - expect(isValid).to.be.true; - + const vcStatus = ['@context', 'type', 'credentialSubject', 'issuer'].every( + (key) => + vc.hasOwnProperty(key) && (vc[key] != '{}' || vc[key] !== '[]' || vc[key] !== null || vc[key] !== undefined) + ); + expect(vcStatus).to.be.true; expect( vc.type[0] === 'VerifiableCredential' && vc.issuer.id === proofJson.verificationMethod && diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 8a723ee906..c24c6c8f0d 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -6,6 +6,7 @@ import { assert } from 'chai'; import { u8aToHex } from '@polkadot/util'; import { HexString } from '@polkadot/util/types'; import { blake2AsHex } from '@polkadot/util-crypto'; +import { disableErrorVCs, revokeErrorVCs } from './indirect_error_calls'; const assertion = { A1: 'A1', @@ -42,6 +43,7 @@ describeLitentry('VC test', async (context) => { for (let k = 0; k < res.length; k++) { const vcString = res[k].vc.replace('0x', ''); const vcObj = JSON.parse(vcString); + console.log('---------VC json----------', vcObj); const vcProof = vcObj.proof; @@ -66,15 +68,15 @@ describeLitentry('VC test', async (context) => { assert.equal(registry.toHuman()!['status'], 'Disabled'); } }); - // step('Disable error VC', async () => { - // //Bob dont't request VC before - // const res = (await disableErrorVCs(context, context.defaultSigner[0], true, indexList)) as HexString[]; - // for (let k = 0; k < res.length; k++) { - // assert.equal(res[k], indexList[k], 'check index error'); - // const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; - // assert.equal(registry.toHuman()!['status'], 'Disabled'); - // } - // }); + step('Disable error VC', async () => { + //Bob dont't request VC before + const res = (await disableErrorVCs(context, context.defaultSigner[0], true, indexList)) as HexString[]; + for (let k = 0; k < res.length; k++) { + assert.equal(res[k], indexList[k], 'check index error'); + const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; + assert.equal(registry.toHuman()!['status'], 'Disabled'); + } + }); step('Revoke VC', async () => { const res = (await revokeVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; @@ -84,4 +86,16 @@ describeLitentry('VC test', async (context) => { assert.equal(registry.toHuman(), null); } }); + + step('Revoke Error VC', async () => { + const resp_revoke_error = (await revokeErrorVCs( + context, + context.defaultSigner[0], + true, + indexList + )) as string[]; + for (let k = 0; k < resp_revoke_error.length; k++) { + assert.equal(resp_revoke_error[k], 'vcManagement.VCNotExist', 'check revokeVc error'); + } + }); }); From 9f1079c2a27f98077380f753734653ece363019e Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 15 Mar 2023 16:27:52 +0800 Subject: [PATCH 16/24] requestVc error --- tee-worker/ts-tests/indirect_error_calls.ts | 54 ++++++++++++++++----- tee-worker/ts-tests/vc.test.ts | 33 ++++++++++--- 2 files changed, 69 insertions(+), 18 deletions(-) diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 9d3e85ed33..034ce2881d 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -2,6 +2,7 @@ import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock, sendTxUnti import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; import { + Assertion, IntegrationTestContext, LitentryIdentity, LitentryValidationData, @@ -149,12 +150,50 @@ export async function removeErrorIdentities( } return undefined; } +export async function requestErrorVCs( + context: IntegrationTestContext, + signer: KeyringPair, + aesKey: HexString, + listening: boolean, + mrEnclave: HexString, + assertion: Assertion +): Promise< + | { + account: HexString; + index: HexString; + vc: HexString; + }[] + | undefined +> { + let txs: TransactionSubmit[] = []; + let len = 0; + + for (const key in assertion) { + len++; + const tx = context.substrate.tx.vcManagement.requestVc(mrEnclave, { + [key]: assertion[key as keyof Assertion], + }); + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + + let newNonce = nonce.toNumber() + (len - 1); + txs.push({ tx, nonce: newNonce }); + } + + await sendTxUntilInBlockList(context.substrate, txs, signer); + + if (listening) { + const events = (await listenEvent(context.substrate, 'vcManagement', ['StfError'])) as any; + expect(events.length).to.be.equal(len); + return events; + } + return undefined; +} export async function disableErrorVCs( context: IntegrationTestContext, signer: KeyringPair, listening: boolean, indexList: HexString[] -): Promise { +): Promise { let txs: TransactionSubmit[] = []; for (let k = 0; k < indexList.length; k++) { @@ -164,18 +203,9 @@ export async function disableErrorVCs( txs.push({ tx, nonce: newNonce }); } - await sendTxUntilInBlockList(context.substrate, txs, signer); - if (listening) { - const events = (await listenEvent(context.substrate, 'vcManagement', ['VCDisabled'])) as any; - expect(events.length).to.be.equal(indexList.length); - let results: HexString[] = []; - for (let m = 0; m < events.length; m++) { - results.push(events[m].data.index.toHex()); - } + const res = (await sendTxUntilInBlockList(context.substrate, txs, signer)) as string[]; - return [...results]; - } - return undefined; + return res.length ? res : undefined; } export async function revokeErrorVCs( context: IntegrationTestContext, diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index c24c6c8f0d..674a6eb138 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -6,7 +6,7 @@ import { assert } from 'chai'; import { u8aToHex } from '@polkadot/util'; import { HexString } from '@polkadot/util/types'; import { blake2AsHex } from '@polkadot/util-crypto'; -import { disableErrorVCs, revokeErrorVCs } from './indirect_error_calls'; +import { requestErrorVCs, disableErrorVCs, revokeErrorVCs } from './indirect_error_calls'; const assertion = { A1: 'A1', @@ -59,7 +59,25 @@ describeLitentry('VC test', async (context) => { indexList.push(res[k].index); } }); + step('Request Error VC', async () => { + const resp_request_error = (await requestErrorVCs( + context, + context.defaultSigner[1], + aesKey, + true, + context.mrEnclave, + assertion + )) as any; + + resp_request_error.map((item: any) => { + const result = item.toHuman().data.reason; + assert( + result.search('User shielding key is missing') !== -1, + 'remove twitter should fail with reason `User shielding key is missing`' + ); + }); + }); step('Disable VC', async () => { const res = (await disableVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; for (let k = 0; k < res.length; k++) { @@ -70,11 +88,14 @@ describeLitentry('VC test', async (context) => { }); step('Disable error VC', async () => { //Bob dont't request VC before - const res = (await disableErrorVCs(context, context.defaultSigner[0], true, indexList)) as HexString[]; - for (let k = 0; k < res.length; k++) { - assert.equal(res[k], indexList[k], 'check index error'); - const registry = (await context.substrate.query.vcManagement.vcRegistry(indexList[k])) as any; - assert.equal(registry.toHuman()!['status'], 'Disabled'); + const resp_disable_error = (await disableErrorVCs( + context, + context.defaultSigner[0], + true, + indexList + )) as HexString[]; + for (let k = 0; k < resp_disable_error.length; k++) { + assert.equal(resp_disable_error[k], 'vcManagement.VCAlreadyDisabled', 'check disableVc error'); } }); From 25eeedf77442f1d0d96d8a4911a3545ceabcc018 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 15 Mar 2023 19:27:10 +0800 Subject: [PATCH 17/24] change assert log --- tee-worker/ts-tests/vc.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 674a6eb138..ae2f1ad276 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -74,7 +74,7 @@ describeLitentry('VC test', async (context) => { assert( result.search('User shielding key is missing') !== -1, - 'remove twitter should fail with reason `User shielding key is missing`' + 'requestVc should fail with reason `User shielding key is missing`' ); }); }); From 30e09980ccb1f08bca2265e64d8147071eae2bf4 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Wed, 15 Mar 2023 19:27:41 +0800 Subject: [PATCH 18/24] fix merge errors --- tee-worker/ts-tests/identity.test.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 7b8636ce45..f957832ed3 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -337,7 +337,7 @@ describeLitentry('Test Identity', (context) => { } // remove substrate identity - const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[1], aesKey, true, [ + const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ substrateIdentity, ])) as IdentityGenericEvent[]; assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); @@ -356,6 +356,7 @@ describeLitentry('Test Identity', (context) => { await sendTxUntilInBlock(context.substrate, tx, context.defaultSigner[0]); const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); + expect(events.length).to.be.equal(1); const result = events[0].method as string; }); From 22cfc318f88fb2e77c9f0b67151f48d0ea4880ca Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Thu, 16 Mar 2023 16:20:15 +0800 Subject: [PATCH 19/24] add checkFailReason --- tee-worker/ts-tests/identity.test.ts | 547 +++++++++++++-------------- tee-worker/ts-tests/utils.ts | 7 + 2 files changed, 278 insertions(+), 276 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index f957832ed3..349a74afbe 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -4,6 +4,7 @@ import { generateVerificationMessage, listenEvent, sendTxUntilInBlock, + checkFailReason, } from './utils'; import { hexToU8a, u8aConcat, u8aToHex, u8aToU8a, stringToU8a } from '@polkadot/util'; import { @@ -134,295 +135,289 @@ describeLitentry('Test Identity', (context) => { assert.equal(bob, u8aToHex(context.defaultSigner[1].addressRaw), 'check caller error'); }); - step('create identities', async function () { - //Alice create all identities - const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentities( - context, - context.defaultSigner[0], - aesKey, - true, - [twitterIdentity, ethereumIdentity, substrateIdentity] - )) as IdentityGenericEvent[]; - - //Bob create extension substrate identities - const [resp_extension_substrate] = (await createIdentities(context, context.defaultSigner[1], aesKey, true, [ - substrateExtensionIdentity, - ])) as IdentityGenericEvent[]; - - //Alice check twitter identity - assertIdentityCreated(context.defaultSigner[0], resp_twitter); - - if (resp_twitter) { - console.log('twitterIdentity challengeCode: ', resp_twitter.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_twitter.challengeCode), - context.defaultSigner[0].addressRaw, - twitterIdentity - ); - console.log('post verification msg to twitter: ', msg); - assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); - } - //Alice check ethereum identity - assertIdentityCreated(context.defaultSigner[0], resp_ethereum); - if (resp_ethereum) { - console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_ethereum.challengeCode), - context.defaultSigner[0].addressRaw, - ethereumIdentity - ); - console.log('post verification msg to ethereum: ', msg); - ethereumValidationData!.Web3Validation!.Evm!.message = msg; - const msgHash = ethers.utils.arrayify(msg); - signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); - ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; - assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); - } - //Alice check substrate identity - assertIdentityCreated(context.defaultSigner[0], resp_substrate); - if (resp_substrate) { - console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_substrate.challengeCode), - context.defaultSigner[0].addressRaw, - substrateIdentity - ); - console.log('post verification msg to substrate: ', msg); - substrateValidationData!.Web3Validation!.Substrate!.message = msg; - signature_substrate = context.defaultSigner[0].sign(msg); - substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); - assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); - } + // step('create identities', async function () { + // //Alice create all identities + // const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentities( + // context, + // context.defaultSigner[0], + // aesKey, + // true, + // [twitterIdentity, ethereumIdentity, substrateIdentity] + // )) as IdentityGenericEvent[]; + + // //Bob create extension substrate identities + // const [resp_extension_substrate] = (await createIdentities(context, context.defaultSigner[1], aesKey, true, [ + // substrateExtensionIdentity, + // ])) as IdentityGenericEvent[]; + + // //Alice check twitter identity + // assertIdentityCreated(context.defaultSigner[0], resp_twitter); + + // if (resp_twitter) { + // console.log('twitterIdentity challengeCode: ', resp_twitter.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_twitter.challengeCode), + // context.defaultSigner[0].addressRaw, + // twitterIdentity + // ); + // console.log('post verification msg to twitter: ', msg); + // assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); + // } + // //Alice check ethereum identity + // assertIdentityCreated(context.defaultSigner[0], resp_ethereum); + // if (resp_ethereum) { + // console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_ethereum.challengeCode), + // context.defaultSigner[0].addressRaw, + // ethereumIdentity + // ); + // console.log('post verification msg to ethereum: ', msg); + // ethereumValidationData!.Web3Validation!.Evm!.message = msg; + // const msgHash = ethers.utils.arrayify(msg); + // signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); + // ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; + // assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); + // } + // //Alice check substrate identity + // assertIdentityCreated(context.defaultSigner[0], resp_substrate); + // if (resp_substrate) { + // console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_substrate.challengeCode), + // context.defaultSigner[0].addressRaw, + // substrateIdentity + // ); + // console.log('post verification msg to substrate: ', msg); + // substrateValidationData!.Web3Validation!.Substrate!.message = msg; + // signature_substrate = context.defaultSigner[0].sign(msg); + // substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); + // assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); + // } + + // //Bob check extension substrate identity + // //https://github.com/litentry/litentry-parachain/issues/1137 + // assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); + // if (resp_extension_substrate) { + // console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_extension_substrate.challengeCode), + // context.defaultSigner[1].addressRaw, + // substrateExtensionIdentity + // ); + // console.log('post verification msg to substrate: ', msg); + // substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; + // // sign the wrapped version as in polkadot-extension + // signature_substrate = context.defaultSigner[1].sign( + // u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) + // ); + // substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = + // u8aToHex(signature_substrate); + // assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); + // } + // }); + // step('verify identities', async function () { + // //Alice verify all identities + // const [twitter_identity_verified, ethereum_identity_verified, substrate_identity_verified] = + // (await verifyIdentities( + // context, + // context.defaultSigner[0], + // aesKey, + // true, + // [twitterIdentity, ethereumIdentity, substrateIdentity], + // [twitterValidationData, ethereumValidationData, substrateValidationData] + // )) as IdentityGenericEvent[]; + // //Bob verify extension substrate identities + // const [substrate_extension_identity_verified] = (await verifyIdentities( + // context, + // context.defaultSigner[1], + // aesKey, + // true, + // [substrateExtensionIdentity], + // [substrateExtensionValidationData] + // )) as IdentityGenericEvent[]; + + // //Alice + // assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); + // assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); + // assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); + // //Bob + // assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); + // }); + + // step('verify error identities', async function () { + // // verify same identities to one account + // const resp_same_verify = (await verifyErrorIdentities( + // context, + // context.defaultSigner[0], + // true, + // [twitterIdentity, ethereumIdentity, substrateIdentity], + // [twitterValidationData, ethereumValidationData, substrateValidationData] + // )) as string[]; + + // for (let k = 0; k < resp_same_verify.length; k++) { + // const data = resp_same_verify[k]; + // assert.equal( + // data, + // 'code not found', + // 'verify same identities to one account should fail with reason `code not found`' + // ); + // } + + // //verify an identity to an account but it isn't created before + // const resp_not_exist_verify = (await verifyErrorIdentities( + // context, + // context.defaultSigner[2], + // true, + // [twitterIdentity, ethereumIdentity, substrateIdentity], + // [twitterValidationData, ethereumValidationData, substrateValidationData] + // )) as string[]; + + // for (let l = 0; l < resp_not_exist_verify.length; l++) { + // const data = resp_not_exist_verify[l]; + // assert.equal( + // data, + // 'code not found', + // 'verify nonexistent identity should fail with reason `code not found`' + // ); + // } + // }); + + // step('remove identities', async function () { + // // Alice remove all identities + // const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = + // (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ + // twitterIdentity, + // ethereumIdentity, + // substrateIdentity, + // ])) as IdentityGenericEvent[]; + + // // Bob remove substrate identities + // const [substrate_extension_identity_removed] = (await removeIdentities( + // context, + // context.defaultSigner[1], + // aesKey, + // true, + // [substrateExtensionIdentity] + // )) as IdentityGenericEvent[]; + + // //Alice + // assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); + // assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); + // assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); + + // // Bob + // assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); + // }); + + // step('remove prime identity NOT allowed', async function () { + // // create substrate identity + // const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [ + // substrateIdentity, + // ])) as IdentityGenericEvent[]; + // assertIdentityCreated(context.defaultSigner[0], resp_substrate); + + // if (resp_substrate) { + // console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); + // const msg = generateVerificationMessage( + // context, + // hexToU8a(resp_substrate.challengeCode), + // context.defaultSigner[0].addressRaw, + // substrateIdentity + // ); + + // console.log('post verification msg to substrate: ', msg); + // substrateValidationData!.Web3Validation!.Substrate!.message = msg; + // signature_substrate = context.defaultSigner[0].sign(msg); + // substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); + // assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); + // } + + // // remove substrate identity + // const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ + // substrateIdentity, + // ])) as IdentityGenericEvent[]; + // assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); + + // // remove prime identity + // const substratePrimeIdentity = { + // Substrate: { + // address: `0x${Buffer.from(context.defaultSigner[0].publicKey).toString('hex')}`, + // network: 'Litentry', + // }, + // }; + + // const encode = context.substrate.createType('LitentryIdentity', substratePrimeIdentity).toHex(); + // const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); + // const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); + // await sendTxUntilInBlock(context.substrate, tx, context.defaultSigner[0]); + + // const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); + + // expect(events.length).to.be.equal(1); + // const result = events[0].method as string; + // }); + + // step('remove error identities', async function () { + // //remove a nonexistent identity from an account + // const resp_not_exist_identities = (await removeErrorIdentities(context, context.defaultSigner[0], true, [ + // twitterIdentity, + // ethereumIdentity, + // substrateIdentity, + // ])) as string[]; + + // resp_not_exist_identities.map((item: any) => { + // const result = item.toHuman().data.reason; + // assert( + // result.search('IdentityNotExist') !== -1, + // 'remove twitter should fail with reason `IdentityNotExist`' + // ); + // }); + + // //remove a challenge code before the code is set + // const resp_not_created_identities = (await removeErrorIdentities(context, context.defaultSigner[2], true, [ + // twitterIdentity, + // ethereumIdentity, + // substrateIdentity, + // ])) as string[]; + + // resp_not_created_identities.map((item: any) => { + // const result = item.toHuman().data.reason; + // assert( + // result.search('IdentityNotExist') !== -1, + // 'remove twitter should fail with reason `IdentityNotExist`' + // ); + // }); + // }); - //Bob check extension substrate identity - //https://github.com/litentry/litentry-parachain/issues/1137 - assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); - if (resp_extension_substrate) { - console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_extension_substrate.challengeCode), - context.defaultSigner[1].addressRaw, - substrateExtensionIdentity - ); - console.log('post verification msg to substrate: ', msg); - substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; - // sign the wrapped version as in polkadot-extension - signature_substrate = context.defaultSigner[1].sign( - u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) - ); - substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = - u8aToHex(signature_substrate); - assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); - } - }); - step('verify identities', async function () { - //Alice verify all identities - const [twitter_identity_verified, ethereum_identity_verified, substrate_identity_verified] = - (await verifyIdentities( - context, - context.defaultSigner[0], - aesKey, - true, - [twitterIdentity, ethereumIdentity, substrateIdentity], - [twitterValidationData, ethereumValidationData, substrateValidationData] - )) as IdentityGenericEvent[]; - //Bob verify extension substrate identities - const [substrate_extension_identity_verified] = (await verifyIdentities( - context, - context.defaultSigner[1], - aesKey, - true, - [substrateExtensionIdentity], - [substrateExtensionValidationData] - )) as IdentityGenericEvent[]; - - //Alice - assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); - assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); - assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); - //Bob - assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); - }); + step('remove error identities', async function () { + const identites = [twitterIdentity, ethereumIdentity, substrateIdentity]; - step('verify error identities', async function () { - // verify same identities to one account - const resp_same_verify = (await verifyErrorIdentities( + //remove a nonexistent identity + //context.defaultSigner[0] has aleady removed all identities in step('remove identities') + const resp_not_exist_identities = (await removeErrorIdentities( context, context.defaultSigner[0], true, - [twitterIdentity, ethereumIdentity, substrateIdentity], - [twitterValidationData, ethereumValidationData, substrateValidationData] + identites )) as string[]; - for (let k = 0; k < resp_same_verify.length; k++) { - const data = resp_same_verify[k]; - assert.equal( - data, - 'code not found', - 'verify same identities to one account should fail with reason `code not found`' - ); - } + await checkFailReason(resp_not_exist_identities, 'IdentityNotExist'); - //verify an identity to an account but it isn't created before - const resp_not_exist_verify = (await verifyErrorIdentities( + //remove a challenge code before the code is set + //context.defaultSigner[2] doesn't have a challenge code + const resp_not_created_identities = (await removeErrorIdentities( context, context.defaultSigner[2], true, - [twitterIdentity, ethereumIdentity, substrateIdentity], - [twitterValidationData, ethereumValidationData, substrateValidationData] + identites )) as string[]; - for (let l = 0; l < resp_not_exist_verify.length; l++) { - const data = resp_not_exist_verify[l]; - assert.equal( - data, - 'code not found', - 'verify nonexistent identity should fail with reason `code not found`' - ); - } - }); - - step('remove identities', async function () { - // Alice remove all identities - const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = - (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ - twitterIdentity, - ethereumIdentity, - substrateIdentity, - ])) as IdentityGenericEvent[]; - - // Bob remove substrate identities - const [substrate_extension_identity_removed] = (await removeIdentities( - context, - context.defaultSigner[1], - aesKey, - true, - [substrateExtensionIdentity] - )) as IdentityGenericEvent[]; - - //Alice - assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); - assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); - assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); - - // Bob - assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); - }); - - step('remove prime identity NOT allowed', async function () { - // create substrate identity - const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [ - substrateIdentity, - ])) as IdentityGenericEvent[]; - assertIdentityCreated(context.defaultSigner[0], resp_substrate); - - if (resp_substrate) { - console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); - const msg = generateVerificationMessage( - context, - hexToU8a(resp_substrate.challengeCode), - context.defaultSigner[0].addressRaw, - substrateIdentity - ); - - console.log('post verification msg to substrate: ', msg); - substrateValidationData!.Web3Validation!.Substrate!.message = msg; - signature_substrate = context.defaultSigner[0].sign(msg); - substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); - assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); - } - - // remove substrate identity - const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ - substrateIdentity, - ])) as IdentityGenericEvent[]; - assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); - - // remove prime identity - const substratePrimeIdentity = { - Substrate: { - address: `0x${Buffer.from(context.defaultSigner[0].publicKey).toString('hex')}`, - network: 'Litentry', - }, - }; - - const encode = context.substrate.createType('LitentryIdentity', substratePrimeIdentity).toHex(); - const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); - const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); - await sendTxUntilInBlock(context.substrate, tx, context.defaultSigner[0]); - - const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); - - expect(events.length).to.be.equal(1); - const result = events[0].method as string; - }); - - step('remove error identities', async function () { - //remove a nonexistent identity from an account - const resp_not_exist_identities = (await removeErrorIdentities(context, context.defaultSigner[0], true, [ - twitterIdentity, - ethereumIdentity, - substrateIdentity, - ])) as string[]; - - resp_not_exist_identities.map((item: any) => { - const result = item.toHuman().data.reason; - assert( - result.search('IdentityNotExist') !== -1, - 'remove twitter should fail with reason `IdentityNotExist`' - ); - }); - - //remove a challenge code before the code is set - const resp_not_created_identities = (await removeErrorIdentities(context, context.defaultSigner[2], true, [ - twitterIdentity, - ethereumIdentity, - substrateIdentity, - ])) as string[]; - - resp_not_created_identities.map((item: any) => { - const result = item.toHuman().data.reason; - assert( - result.search('IdentityNotExist') !== -1, - 'remove twitter should fail with reason `IdentityNotExist`' - ); - }); - }); - - step('remove error identities', async function () { - //remove a nonexistent identity from an account - const resp_not_exist_identities = (await removeErrorIdentities(context, context.defaultSigner[0], true, [ - twitterIdentity, - ethereumIdentity, - substrateIdentity, - ])) as string[]; - - resp_not_exist_identities.map((item: any) => { - const result = item.toHuman().data.reason; - assert( - result.search('IdentityNotExist') !== -1, - 'remove twitter should fail with reason `IdentityNotExist`' - ); - }); - - //remove a challenge code before the code is set - const resp_not_created_identities = (await removeErrorIdentities(context, context.defaultSigner[2], true, [ - twitterIdentity, - ethereumIdentity, - substrateIdentity, - ])) as string[]; - - resp_not_created_identities.map((item: any) => { - const result = item.toHuman().data.reason; - assert( - result.search('IdentityNotExist') !== -1, - 'remove twitter should fail with reason `IdentityNotExist`' - ); - }); + await checkFailReason(resp_not_created_identities, 'IdentityNotExist'); }); step('set error user shielding key', async function () { diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index afd03c4a7c..5c27b60302 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -384,3 +384,10 @@ export async function checkJSON(vc: any, proofJson: any): Promise { ).to.be.true; return true; } + +export async function checkFailReason(response: string[], expectedReason: string) { + response.map((item: any) => { + const result = item.toHuman().data.reason; + expect(result.search(expectedReason)).not.to.be.eq(-1); + }); +} From f044ffa12bbc9bf6f350c0619acff4086bb92520 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Thu, 16 Mar 2023 20:33:25 +0800 Subject: [PATCH 20/24] check fail reason --- tee-worker/ts-tests/identity.test.ts | 466 +++++++++----------- tee-worker/ts-tests/indirect_error_calls.ts | 13 +- tee-worker/ts-tests/utils.ts | 20 +- tee-worker/ts-tests/vc.test.ts | 25 +- 4 files changed, 236 insertions(+), 288 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 349a74afbe..7b780d5beb 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -135,264 +135,216 @@ describeLitentry('Test Identity', (context) => { assert.equal(bob, u8aToHex(context.defaultSigner[1].addressRaw), 'check caller error'); }); - // step('create identities', async function () { - // //Alice create all identities - // const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentities( - // context, - // context.defaultSigner[0], - // aesKey, - // true, - // [twitterIdentity, ethereumIdentity, substrateIdentity] - // )) as IdentityGenericEvent[]; - - // //Bob create extension substrate identities - // const [resp_extension_substrate] = (await createIdentities(context, context.defaultSigner[1], aesKey, true, [ - // substrateExtensionIdentity, - // ])) as IdentityGenericEvent[]; - - // //Alice check twitter identity - // assertIdentityCreated(context.defaultSigner[0], resp_twitter); - - // if (resp_twitter) { - // console.log('twitterIdentity challengeCode: ', resp_twitter.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_twitter.challengeCode), - // context.defaultSigner[0].addressRaw, - // twitterIdentity - // ); - // console.log('post verification msg to twitter: ', msg); - // assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); - // } - // //Alice check ethereum identity - // assertIdentityCreated(context.defaultSigner[0], resp_ethereum); - // if (resp_ethereum) { - // console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_ethereum.challengeCode), - // context.defaultSigner[0].addressRaw, - // ethereumIdentity - // ); - // console.log('post verification msg to ethereum: ', msg); - // ethereumValidationData!.Web3Validation!.Evm!.message = msg; - // const msgHash = ethers.utils.arrayify(msg); - // signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); - // ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; - // assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); - // } - // //Alice check substrate identity - // assertIdentityCreated(context.defaultSigner[0], resp_substrate); - // if (resp_substrate) { - // console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_substrate.challengeCode), - // context.defaultSigner[0].addressRaw, - // substrateIdentity - // ); - // console.log('post verification msg to substrate: ', msg); - // substrateValidationData!.Web3Validation!.Substrate!.message = msg; - // signature_substrate = context.defaultSigner[0].sign(msg); - // substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); - // assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); - // } - - // //Bob check extension substrate identity - // //https://github.com/litentry/litentry-parachain/issues/1137 - // assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); - // if (resp_extension_substrate) { - // console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_extension_substrate.challengeCode), - // context.defaultSigner[1].addressRaw, - // substrateExtensionIdentity - // ); - // console.log('post verification msg to substrate: ', msg); - // substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; - // // sign the wrapped version as in polkadot-extension - // signature_substrate = context.defaultSigner[1].sign( - // u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) - // ); - // substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = - // u8aToHex(signature_substrate); - // assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); - // } - // }); - // step('verify identities', async function () { - // //Alice verify all identities - // const [twitter_identity_verified, ethereum_identity_verified, substrate_identity_verified] = - // (await verifyIdentities( - // context, - // context.defaultSigner[0], - // aesKey, - // true, - // [twitterIdentity, ethereumIdentity, substrateIdentity], - // [twitterValidationData, ethereumValidationData, substrateValidationData] - // )) as IdentityGenericEvent[]; - // //Bob verify extension substrate identities - // const [substrate_extension_identity_verified] = (await verifyIdentities( - // context, - // context.defaultSigner[1], - // aesKey, - // true, - // [substrateExtensionIdentity], - // [substrateExtensionValidationData] - // )) as IdentityGenericEvent[]; - - // //Alice - // assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); - // assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); - // assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); - // //Bob - // assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); - // }); - - // step('verify error identities', async function () { - // // verify same identities to one account - // const resp_same_verify = (await verifyErrorIdentities( - // context, - // context.defaultSigner[0], - // true, - // [twitterIdentity, ethereumIdentity, substrateIdentity], - // [twitterValidationData, ethereumValidationData, substrateValidationData] - // )) as string[]; - - // for (let k = 0; k < resp_same_verify.length; k++) { - // const data = resp_same_verify[k]; - // assert.equal( - // data, - // 'code not found', - // 'verify same identities to one account should fail with reason `code not found`' - // ); - // } - - // //verify an identity to an account but it isn't created before - // const resp_not_exist_verify = (await verifyErrorIdentities( - // context, - // context.defaultSigner[2], - // true, - // [twitterIdentity, ethereumIdentity, substrateIdentity], - // [twitterValidationData, ethereumValidationData, substrateValidationData] - // )) as string[]; - - // for (let l = 0; l < resp_not_exist_verify.length; l++) { - // const data = resp_not_exist_verify[l]; - // assert.equal( - // data, - // 'code not found', - // 'verify nonexistent identity should fail with reason `code not found`' - // ); - // } - // }); - - // step('remove identities', async function () { - // // Alice remove all identities - // const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = - // (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ - // twitterIdentity, - // ethereumIdentity, - // substrateIdentity, - // ])) as IdentityGenericEvent[]; - - // // Bob remove substrate identities - // const [substrate_extension_identity_removed] = (await removeIdentities( - // context, - // context.defaultSigner[1], - // aesKey, - // true, - // [substrateExtensionIdentity] - // )) as IdentityGenericEvent[]; - - // //Alice - // assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); - // assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); - // assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); - - // // Bob - // assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); - // }); - - // step('remove prime identity NOT allowed', async function () { - // // create substrate identity - // const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [ - // substrateIdentity, - // ])) as IdentityGenericEvent[]; - // assertIdentityCreated(context.defaultSigner[0], resp_substrate); + step('create identities', async function () { + //Alice create all identities + const [resp_twitter, resp_ethereum, resp_substrate] = (await createIdentities( + context, + context.defaultSigner[0], + aesKey, + true, + [twitterIdentity, ethereumIdentity, substrateIdentity] + )) as IdentityGenericEvent[]; + + //Bob create extension substrate identities + const [resp_extension_substrate] = (await createIdentities(context, context.defaultSigner[1], aesKey, true, [ + substrateExtensionIdentity, + ])) as IdentityGenericEvent[]; + + //Alice check twitter identity + assertIdentityCreated(context.defaultSigner[0], resp_twitter); + + if (resp_twitter) { + console.log('twitterIdentity challengeCode: ', resp_twitter.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_twitter.challengeCode), + context.defaultSigner[0].addressRaw, + twitterIdentity + ); + console.log('post verification msg to twitter: ', msg); + assert.isNotEmpty(resp_twitter.challengeCode, 'challengeCode empty'); + } + //Alice check ethereum identity + assertIdentityCreated(context.defaultSigner[0], resp_ethereum); + if (resp_ethereum) { + console.log('ethereumIdentity challengeCode: ', resp_ethereum.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_ethereum.challengeCode), + context.defaultSigner[0].addressRaw, + ethereumIdentity + ); + console.log('post verification msg to ethereum: ', msg); + ethereumValidationData!.Web3Validation!.Evm!.message = msg; + const msgHash = ethers.utils.arrayify(msg); + signature_ethereum = await context.ethersWallet.alice.signMessage(msgHash); + ethereumValidationData!.Web3Validation!.Evm!.signature!.Ethereum = signature_ethereum; + assert.isNotEmpty(resp_ethereum.challengeCode, 'challengeCode empty'); + } + //Alice check substrate identity + assertIdentityCreated(context.defaultSigner[0], resp_substrate); + if (resp_substrate) { + console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_substrate.challengeCode), + context.defaultSigner[0].addressRaw, + substrateIdentity + ); + console.log('post verification msg to substrate: ', msg); + substrateValidationData!.Web3Validation!.Substrate!.message = msg; + signature_substrate = context.defaultSigner[0].sign(msg); + substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); + assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); + } - // if (resp_substrate) { - // console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); - // const msg = generateVerificationMessage( - // context, - // hexToU8a(resp_substrate.challengeCode), - // context.defaultSigner[0].addressRaw, - // substrateIdentity - // ); + //Bob check extension substrate identity + //https://github.com/litentry/litentry-parachain/issues/1137 + assertIdentityCreated(context.defaultSigner[1], resp_extension_substrate); + if (resp_extension_substrate) { + console.log('substrateExtensionIdentity challengeCode: ', resp_extension_substrate.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_extension_substrate.challengeCode), + context.defaultSigner[1].addressRaw, + substrateExtensionIdentity + ); + console.log('post verification msg to substrate: ', msg); + substrateExtensionValidationData!.Web3Validation!.Substrate!.message = msg; + // sign the wrapped version as in polkadot-extension + signature_substrate = context.defaultSigner[1].sign( + u8aConcat(stringToU8a(''), u8aToU8a(msg), stringToU8a('')) + ); + substrateExtensionValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = + u8aToHex(signature_substrate); + assert.isNotEmpty(resp_extension_substrate.challengeCode, 'challengeCode empty'); + } + }); + step('verify identities', async function () { + //Alice verify all identities + const [twitter_identity_verified, ethereum_identity_verified, substrate_identity_verified] = + (await verifyIdentities( + context, + context.defaultSigner[0], + aesKey, + true, + [twitterIdentity, ethereumIdentity, substrateIdentity], + [twitterValidationData, ethereumValidationData, substrateValidationData] + )) as IdentityGenericEvent[]; + //Bob verify extension substrate identities + const [substrate_extension_identity_verified] = (await verifyIdentities( + context, + context.defaultSigner[1], + aesKey, + true, + [substrateExtensionIdentity], + [substrateExtensionValidationData] + )) as IdentityGenericEvent[]; + + //Alice + assertIdentityVerified(context.defaultSigner[0], twitter_identity_verified); + assertIdentityVerified(context.defaultSigner[0], ethereum_identity_verified); + assertIdentityVerified(context.defaultSigner[0], substrate_identity_verified); + //Bob + assertIdentityVerified(context.defaultSigner[1], substrate_extension_identity_verified); + }); - // console.log('post verification msg to substrate: ', msg); - // substrateValidationData!.Web3Validation!.Substrate!.message = msg; - // signature_substrate = context.defaultSigner[0].sign(msg); - // substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); - // assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); - // } + step('verify error identities', async function () { + // verify same identities to one account + const resp_same_verify = (await verifyErrorIdentities( + context, + context.defaultSigner[0], + true, + [twitterIdentity, ethereumIdentity, substrateIdentity], + [twitterValidationData, ethereumValidationData, substrateValidationData] + )) as string[]; + await checkFailReason(resp_same_verify, 'code not found', false); - // // remove substrate identity - // const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ - // substrateIdentity, - // ])) as IdentityGenericEvent[]; - // assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); + //verify an identity to an account but it isn't created before + const resp_not_exist_verify = (await verifyErrorIdentities( + context, + context.defaultSigner[2], + true, + [twitterIdentity, ethereumIdentity, substrateIdentity], + [twitterValidationData, ethereumValidationData, substrateValidationData] + )) as string[]; + await checkFailReason(resp_not_exist_verify, 'code not found', false); + }); - // // remove prime identity - // const substratePrimeIdentity = { - // Substrate: { - // address: `0x${Buffer.from(context.defaultSigner[0].publicKey).toString('hex')}`, - // network: 'Litentry', - // }, - // }; + step('remove identities', async function () { + // Alice remove all identities + const [twitter_identity_removed, ethereum_identity_removed, substrate_identity_removed] = + (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ + twitterIdentity, + ethereumIdentity, + substrateIdentity, + ])) as IdentityGenericEvent[]; + + // Bob remove substrate identities + const [substrate_extension_identity_removed] = (await removeIdentities( + context, + context.defaultSigner[1], + aesKey, + true, + [substrateExtensionIdentity] + )) as IdentityGenericEvent[]; - // const encode = context.substrate.createType('LitentryIdentity', substratePrimeIdentity).toHex(); - // const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); - // const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); - // await sendTxUntilInBlock(context.substrate, tx, context.defaultSigner[0]); + //Alice + assertIdentityRemoved(context.defaultSigner[0], twitter_identity_removed); + assertIdentityRemoved(context.defaultSigner[0], ethereum_identity_removed); + assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); - // const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); + // Bob + assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); + }); - // expect(events.length).to.be.equal(1); - // const result = events[0].method as string; - // }); + step('remove prime identity NOT allowed', async function () { + // create substrate identity + const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [ + substrateIdentity, + ])) as IdentityGenericEvent[]; + assertIdentityCreated(context.defaultSigner[0], resp_substrate); + + if (resp_substrate) { + console.log('substrateIdentity challengeCode: ', resp_substrate.challengeCode); + const msg = generateVerificationMessage( + context, + hexToU8a(resp_substrate.challengeCode), + context.defaultSigner[0].addressRaw, + substrateIdentity + ); + + console.log('post verification msg to substrate: ', msg); + substrateValidationData!.Web3Validation!.Substrate!.message = msg; + signature_substrate = context.defaultSigner[0].sign(msg); + substrateValidationData!.Web3Validation!.Substrate!.signature!.Sr25519 = u8aToHex(signature_substrate); + assert.isNotEmpty(resp_substrate.challengeCode, 'challengeCode empty'); + } - // step('remove error identities', async function () { - // //remove a nonexistent identity from an account - // const resp_not_exist_identities = (await removeErrorIdentities(context, context.defaultSigner[0], true, [ - // twitterIdentity, - // ethereumIdentity, - // substrateIdentity, - // ])) as string[]; + // remove substrate identity + const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ + substrateIdentity, + ])) as IdentityGenericEvent[]; + assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); + + // remove prime identity + const substratePrimeIdentity = { + Substrate: { + address: `0x${Buffer.from(context.defaultSigner[0].publicKey).toString('hex')}`, + network: 'Litentry', + }, + }; - // resp_not_exist_identities.map((item: any) => { - // const result = item.toHuman().data.reason; - // assert( - // result.search('IdentityNotExist') !== -1, - // 'remove twitter should fail with reason `IdentityNotExist`' - // ); - // }); + const encode = context.substrate.createType('LitentryIdentity', substratePrimeIdentity).toHex(); + const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); + const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); + await sendTxUntilInBlock(context.substrate, tx, context.defaultSigner[0]); - // //remove a challenge code before the code is set - // const resp_not_created_identities = (await removeErrorIdentities(context, context.defaultSigner[2], true, [ - // twitterIdentity, - // ethereumIdentity, - // substrateIdentity, - // ])) as string[]; + const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); - // resp_not_created_identities.map((item: any) => { - // const result = item.toHuman().data.reason; - // assert( - // result.search('IdentityNotExist') !== -1, - // 'remove twitter should fail with reason `IdentityNotExist`' - // ); - // }); - // }); + expect(events.length).to.be.equal(1); + const result = events[0].method as string; + }); step('remove error identities', async function () { const identites = [twitterIdentity, ethereumIdentity, substrateIdentity]; @@ -406,7 +358,7 @@ describeLitentry('Test Identity', (context) => { identites )) as string[]; - await checkFailReason(resp_not_exist_identities, 'IdentityNotExist'); + await checkFailReason(resp_not_exist_identities, 'IdentityNotExist', true); //remove a challenge code before the code is set //context.defaultSigner[2] doesn't have a challenge code @@ -417,16 +369,17 @@ describeLitentry('Test Identity', (context) => { identites )) as string[]; - await checkFailReason(resp_not_created_identities, 'IdentityNotExist'); + await checkFailReason(resp_not_created_identities, 'IdentityNotExist', true); }); step('set error user shielding key', async function () { - const result = await setErrorUserShieldingKey(context, context.defaultSigner[0], errorAseKey, true); - assert.equal( - result, - 'SetUserShieldingKeyHandlingFailed', - 'result is not equal to SetUserShieldingKeyHandlingFailed' + const resp_error_shielding_key = await setErrorUserShieldingKey( + context, + context.defaultSigner[0], + errorAseKey, + true ); + await checkFailReason([resp_error_shielding_key] as string[], 'SetUserShieldingKeyHandlingFailed', false); }); step('create error identities', async function () { @@ -434,9 +387,6 @@ describeLitentry('Test Identity', (context) => { const resp_error_identities = (await createErrorIdentities(context, context.defaultSigner[0], true, [ errorCiphertext, ])) as string[]; - for (let i = 0; i < resp_error_identities.length; i++) { - const result = resp_error_identities[i]; - assert.equal(result, 'CreateIdentityHandlingFailed', 'result is not equal to CreateIdentityHandlingFailed'); - } + await checkFailReason(resp_error_identities, 'CreateIdentityHandlingFailed', false); }); }); diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 034ce2881d..2ea64288d0 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -1,6 +1,8 @@ import { encryptWithTeeShieldingKey, listenEvent, sendTxUntilInBlock, sendTxUntilInBlockList } from './utils'; import { KeyringPair } from '@polkadot/keyring/types'; import { HexString } from '@polkadot/util/types'; +import { Event } from '@polkadot/types/interfaces'; + import { Assertion, IntegrationTestContext, @@ -157,14 +159,7 @@ export async function requestErrorVCs( listening: boolean, mrEnclave: HexString, assertion: Assertion -): Promise< - | { - account: HexString; - index: HexString; - vc: HexString; - }[] - | undefined -> { +): Promise { let txs: TransactionSubmit[] = []; let len = 0; @@ -182,7 +177,7 @@ export async function requestErrorVCs( await sendTxUntilInBlockList(context.substrate, txs, signer); if (listening) { - const events = (await listenEvent(context.substrate, 'vcManagement', ['StfError'])) as any; + const events = (await listenEvent(context.substrate, 'vcManagement', ['StfError'])) as Event[]; expect(events.length).to.be.equal(len); return events; } diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index 5c27b60302..6e1b632f0c 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -24,7 +24,7 @@ import { after, before, describe } from 'mocha'; import { generateChallengeCode, getSigner } from './web3/setup'; import { ethers } from 'ethers'; import { generateTestKeys } from './web3/functions'; -import { expect } from 'chai'; +import { assert, expect } from 'chai'; import { Base64 } from 'js-base64'; import * as ed from '@noble/ed25519'; const base58 = require('micro-base58'); @@ -385,9 +385,21 @@ export async function checkJSON(vc: any, proofJson: any): Promise { return true; } -export async function checkFailReason(response: string[], expectedReason: string) { +export async function checkFailReason( + response: string[] | Event[], + expectedReason: string, + isModule: boolean +): Promise { + let failReason = ''; + response.map((item: any) => { - const result = item.toHuman().data.reason; - expect(result.search(expectedReason)).not.to.be.eq(-1); + isModule ? (failReason = item.toHuman().data.reason) : (failReason = item); + + assert.notEqual( + failReason.search(expectedReason), + -1, + `check fail reason failed, expected reason is ${expectedReason}, but got ${failReason}` + ); }); + return true; } diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index ae2f1ad276..786a835ee1 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -1,4 +1,4 @@ -import { describeLitentry, checkVc } from './utils'; +import { describeLitentry, checkVc, checkFailReason } from './utils'; import { step } from 'mocha-steps'; import { setUserShieldingKey, requestVCs, disableVCs, revokeVCs } from './indirect_calls'; import { Assertion } from './type-definitions'; @@ -7,6 +7,7 @@ import { u8aToHex } from '@polkadot/util'; import { HexString } from '@polkadot/util/types'; import { blake2AsHex } from '@polkadot/util-crypto'; import { requestErrorVCs, disableErrorVCs, revokeErrorVCs } from './indirect_error_calls'; +import { Event } from '@polkadot/types/interfaces'; const assertion = { A1: 'A1', @@ -67,16 +68,9 @@ describeLitentry('VC test', async (context) => { true, context.mrEnclave, assertion - )) as any; + )) as Event[]; - resp_request_error.map((item: any) => { - const result = item.toHuman().data.reason; - - assert( - result.search('User shielding key is missing') !== -1, - 'requestVc should fail with reason `User shielding key is missing`' - ); - }); + await checkFailReason(resp_request_error, 'User shielding key is missing', true); }); step('Disable VC', async () => { const res = (await disableVCs(context, context.defaultSigner[0], aesKey, true, indexList)) as HexString[]; @@ -87,16 +81,14 @@ describeLitentry('VC test', async (context) => { } }); step('Disable error VC', async () => { - //Bob dont't request VC before + //Alice has already disabled the VC const resp_disable_error = (await disableErrorVCs( context, context.defaultSigner[0], true, indexList )) as HexString[]; - for (let k = 0; k < resp_disable_error.length; k++) { - assert.equal(resp_disable_error[k], 'vcManagement.VCAlreadyDisabled', 'check disableVc error'); - } + await checkFailReason(resp_disable_error, 'vcManagement.VCAlreadyDisabled', false); }); step('Revoke VC', async () => { @@ -109,14 +101,13 @@ describeLitentry('VC test', async (context) => { }); step('Revoke Error VC', async () => { + //Alice has already revoked the VC const resp_revoke_error = (await revokeErrorVCs( context, context.defaultSigner[0], true, indexList )) as string[]; - for (let k = 0; k < resp_revoke_error.length; k++) { - assert.equal(resp_revoke_error[k], 'vcManagement.VCNotExist', 'check revokeVc error'); - } + await checkFailReason(resp_revoke_error, 'vcManagement.VCNotExist', false); }); }); From c54134847cbff0e6cb505cbb69698544f25c64cc Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Thu, 16 Mar 2023 20:46:05 +0800 Subject: [PATCH 21/24] move nonce out loop --- tee-worker/ts-tests/indirect_error_calls.ts | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 2ea64288d0..8af6e37d3b 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -40,6 +40,8 @@ export async function createErrorIdentities( errorCiphertexts: string[] ): Promise { let txs: TransactionSubmit[] = []; + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + for (let k = 0; k < errorCiphertexts.length; k++) { const errorCiphertext = errorCiphertexts[k]; const tx = context.substrate.tx.identityManagement.createIdentity( @@ -49,7 +51,6 @@ export async function createErrorIdentities( null ); - const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + k; txs.push({ tx, @@ -81,6 +82,8 @@ export async function verifyErrorIdentities( datas: LitentryValidationData[] ): Promise { let txs: TransactionSubmit[] = []; + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + for (let k = 0; k < identities.length; k++) { let identity = identities[k]; let data = datas[k]; @@ -99,7 +102,6 @@ export async function verifyErrorIdentities( `0x${validation_ciphertext}` ); - const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + k; txs.push({ tx, @@ -129,12 +131,13 @@ export async function removeErrorIdentities( identities: any[] ): Promise { let txs: TransactionSubmit[] = []; + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); + for (let index = 0; index < identities.length; index++) { const identity = identities[index]; const encode = context.substrate.createType('LitentryIdentity', identity).toHex(); const ciphertext = encryptWithTeeShieldingKey(context.teeShieldingKey, encode).toString('hex'); const tx = context.substrate.tx.identityManagement.removeIdentity(context.mrEnclave, `0x${ciphertext}`); - const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + index; txs.push({ @@ -162,13 +165,13 @@ export async function requestErrorVCs( ): Promise { let txs: TransactionSubmit[] = []; let len = 0; + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); for (const key in assertion) { len++; const tx = context.substrate.tx.vcManagement.requestVc(mrEnclave, { [key]: assertion[key as keyof Assertion], }); - const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + (len - 1); txs.push({ tx, nonce: newNonce }); @@ -190,10 +193,10 @@ export async function disableErrorVCs( indexList: HexString[] ): Promise { let txs: TransactionSubmit[] = []; + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); for (let k = 0; k < indexList.length; k++) { const tx = context.substrate.tx.vcManagement.disableVc(indexList[k]); - const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + k; txs.push({ tx, nonce: newNonce }); } @@ -209,10 +212,10 @@ export async function revokeErrorVCs( indexList: HexString[] ): Promise { let txs: TransactionSubmit[] = []; + const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); for (let k = 0; k < indexList.length; k++) { const tx = context.substrate.tx.vcManagement.revokeVc(indexList[k]); - const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); let newNonce = nonce.toNumber() + k; txs.push({ tx, nonce: newNonce }); } From 19145ac8f09fb71ca3da62910733da8844c3c448 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Thu, 16 Mar 2023 21:08:08 +0800 Subject: [PATCH 22/24] format code --- tee-worker/ts-tests/identity.test.ts | 30 +++++++++++----------------- 1 file changed, 12 insertions(+), 18 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 7b780d5beb..0ad18ea3f7 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -1,11 +1,4 @@ -import { - describeLitentry, - encryptWithTeeShieldingKey, - generateVerificationMessage, - listenEvent, - sendTxUntilInBlock, - checkFailReason, -} from './utils'; +import { describeLitentry, encryptWithTeeShieldingKey, generateVerificationMessage, listenEvent, sendTxUntilInBlock, checkFailReason } from './utils'; import { hexToU8a, u8aConcat, u8aToHex, u8aToU8a, stringToU8a } from '@polkadot/util'; import { setUserShieldingKey, @@ -298,11 +291,9 @@ describeLitentry('Test Identity', (context) => { assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); }); - step('remove prime identity NOT allowed', async function () { - // create substrate identity - const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [ - substrateIdentity, - ])) as IdentityGenericEvent[]; + step('remove prime identity NOT allowed', async function () { + // create substrate identity + const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [substrateIdentity])) as IdentityGenericEvent[]; assertIdentityCreated(context.defaultSigner[0], resp_substrate); if (resp_substrate) { @@ -322,9 +313,13 @@ describeLitentry('Test Identity', (context) => { } // remove substrate identity - const [substrate_identity_removed] = (await removeIdentities(context, context.defaultSigner[0], aesKey, true, [ - substrateIdentity, - ])) as IdentityGenericEvent[]; + const [substrate_identity_removed] = (await removeIdentities( + context, + context.defaultSigner[0], + aesKey, + true, + [substrateIdentity] + )) as IdentityGenericEvent[]; assertIdentityRemoved(context.defaultSigner[0], substrate_identity_removed); // remove prime identity @@ -341,10 +336,9 @@ describeLitentry('Test Identity', (context) => { await sendTxUntilInBlock(context.substrate, tx, context.defaultSigner[0]); const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); - expect(events.length).to.be.equal(1); const result = events[0].method as string; - }); + }); step('remove error identities', async function () { const identites = [twitterIdentity, ethereumIdentity, substrateIdentity]; From 9e77c3bfccd23419355b20c1ac33abbf6b00eb18 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Thu, 16 Mar 2023 21:42:14 +0800 Subject: [PATCH 23/24] change test flow(only use A1 trigger error event) --- tee-worker/ts-tests/indirect_error_calls.ts | 15 ++++++----- tee-worker/ts-tests/vc.test.ts | 29 ++++++++++++--------- 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index 8af6e37d3b..d296686bb7 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -161,27 +161,28 @@ export async function requestErrorVCs( aesKey: HexString, listening: boolean, mrEnclave: HexString, - assertion: Assertion + assertion: Assertion, + keys: string[] ): Promise { let txs: TransactionSubmit[] = []; - let len = 0; const nonce = await context.substrate.rpc.system.accountNextIndex(signer.address); - for (const key in assertion) { - len++; + for (let index = 0; index < keys.length; index++) { + const key = keys[index]; const tx = context.substrate.tx.vcManagement.requestVc(mrEnclave, { [key]: assertion[key as keyof Assertion], }); - - let newNonce = nonce.toNumber() + (len - 1); + let newNonce = nonce.toNumber() + index; txs.push({ tx, nonce: newNonce }); } + + await sendTxUntilInBlockList(context.substrate, txs, signer); if (listening) { const events = (await listenEvent(context.substrate, 'vcManagement', ['StfError'])) as Event[]; - expect(events.length).to.be.equal(len); + expect(events.length).to.be.equal(keys.length); return events; } return undefined; diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 786a835ee1..6cd8a2cf50 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -19,6 +19,10 @@ const assertion = { A10: [10], A11: [10], }; + + +// it doesn't make much difference test A1 only vs test A1 - A11, one VC type is enough. +//So only use A1 to trigger the wrong event describeLitentry('VC test', async (context) => { const aesKey = '0x22fc82db5b606998ad45099b7978b5b4f9dd4ea6017e57370ac56141caaabd12'; var indexList: HexString[] = []; @@ -60,14 +64,15 @@ describeLitentry('VC test', async (context) => { indexList.push(res[k].index); } }); - step('Request Error VC', async () => { + step('Request Error VC(A1)', async () => { const resp_request_error = (await requestErrorVCs( context, context.defaultSigner[1], aesKey, true, context.mrEnclave, - assertion + assertion, + ['A1'] )) as Event[]; await checkFailReason(resp_request_error, 'User shielding key is missing', true); @@ -80,13 +85,14 @@ describeLitentry('VC test', async (context) => { assert.equal(registry.toHuman()!['status'], 'Disabled'); } }); - step('Disable error VC', async () => { - //Alice has already disabled the VC + step('Disable error VC(A1)', async () => { + //Alice has already disabled the A1 VC const resp_disable_error = (await disableErrorVCs( context, context.defaultSigner[0], true, - indexList + + [indexList[0]] )) as HexString[]; await checkFailReason(resp_disable_error, 'vcManagement.VCAlreadyDisabled', false); }); @@ -100,14 +106,11 @@ describeLitentry('VC test', async (context) => { } }); - step('Revoke Error VC', async () => { - //Alice has already revoked the VC - const resp_revoke_error = (await revokeErrorVCs( - context, - context.defaultSigner[0], - true, - indexList - )) as string[]; + step('Revoke Error VC(A1)', async () => { + //Alice has already revoked the A1 VC + const resp_revoke_error = (await revokeErrorVCs(context, context.defaultSigner[0], true, [ + indexList[0], + ])) as string[]; await checkFailReason(resp_revoke_error, 'vcManagement.VCNotExist', false); }); }); From 2cfc52f653bbb9f1d9c118b1943ca0ea8c9e0577 Mon Sep 17 00:00:00 2001 From: Verin1005 Date: Fri, 17 Mar 2023 11:16:41 +0800 Subject: [PATCH 24/24] format code --- tee-worker/ts-tests/identity.test.ts | 12 ++++++------ tee-worker/ts-tests/indirect_error_calls.ts | 2 -- tee-worker/ts-tests/utils.ts | 13 ++++++++----- tee-worker/ts-tests/vc.test.ts | 4 ++-- 4 files changed, 16 insertions(+), 15 deletions(-) diff --git a/tee-worker/ts-tests/identity.test.ts b/tee-worker/ts-tests/identity.test.ts index 0ad18ea3f7..c1d7226a82 100644 --- a/tee-worker/ts-tests/identity.test.ts +++ b/tee-worker/ts-tests/identity.test.ts @@ -291,8 +291,8 @@ describeLitentry('Test Identity', (context) => { assertIdentityRemoved(context.defaultSigner[1], substrate_extension_identity_removed); }); - step('remove prime identity NOT allowed', async function () { - // create substrate identity + step('remove prime identity NOT allowed', async function () { + // create substrate identity const [resp_substrate] = (await createIdentities(context, context.defaultSigner[0], aesKey, true, [substrateIdentity])) as IdentityGenericEvent[]; assertIdentityCreated(context.defaultSigner[0], resp_substrate); @@ -338,10 +338,10 @@ describeLitentry('Test Identity', (context) => { const events = await listenEvent(context.substrate, 'identityManagement', ['StfError']); expect(events.length).to.be.equal(1); const result = events[0].method as string; - }); + }); step('remove error identities', async function () { - const identites = [twitterIdentity, ethereumIdentity, substrateIdentity]; + const identities = [twitterIdentity, ethereumIdentity, substrateIdentity]; //remove a nonexistent identity //context.defaultSigner[0] has aleady removed all identities in step('remove identities') @@ -349,7 +349,7 @@ describeLitentry('Test Identity', (context) => { context, context.defaultSigner[0], true, - identites + identities )) as string[]; await checkFailReason(resp_not_exist_identities, 'IdentityNotExist', true); @@ -360,7 +360,7 @@ describeLitentry('Test Identity', (context) => { context, context.defaultSigner[2], true, - identites + identities )) as string[]; await checkFailReason(resp_not_created_identities, 'IdentityNotExist', true); diff --git a/tee-worker/ts-tests/indirect_error_calls.ts b/tee-worker/ts-tests/indirect_error_calls.ts index d296686bb7..e2a778eb2a 100644 --- a/tee-worker/ts-tests/indirect_error_calls.ts +++ b/tee-worker/ts-tests/indirect_error_calls.ts @@ -176,8 +176,6 @@ export async function requestErrorVCs( txs.push({ tx, nonce: newNonce }); } - - await sendTxUntilInBlockList(context.substrate, txs, signer); if (listening) { diff --git a/tee-worker/ts-tests/utils.ts b/tee-worker/ts-tests/utils.ts index 6e1b632f0c..eb3c87de9f 100644 --- a/tee-worker/ts-tests/utils.ts +++ b/tee-worker/ts-tests/utils.ts @@ -11,6 +11,7 @@ import { teeTypes, WorkerRpcReturnValue, TransactionSubmit, + JsonSchema } from './type-definitions'; import { blake2AsHex, cryptoWaitReady } from '@polkadot/util-crypto'; import { ApiTypes, SubmittableExtrinsic } from '@polkadot/api/types'; @@ -26,6 +27,7 @@ import { ethers } from 'ethers'; import { generateTestKeys } from './web3/functions'; import { assert, expect } from 'chai'; import { Base64 } from 'js-base64'; +import Ajv from 'ajv'; import * as ed from '@noble/ed25519'; const base58 = require('micro-base58'); const crypto = require('crypto'); @@ -372,11 +374,11 @@ export async function checkVc(vcObj: any, index: HexString, proof: any, api: Api //Check VC json fields export async function checkJSON(vc: any, proofJson: any): Promise { - const vcStatus = ['@context', 'type', 'credentialSubject', 'issuer'].every( - (key) => - vc.hasOwnProperty(key) && (vc[key] != '{}' || vc[key] !== '[]' || vc[key] !== null || vc[key] !== undefined) - ); - expect(vcStatus).to.be.true; + //check JsonSchema + const ajv = new Ajv(); + const validate = ajv.compile(JsonSchema); + const isValid = validate(vc); + expect(isValid).to.be.true; expect( vc.type[0] === 'VerifiableCredential' && vc.issuer.id === proofJson.verificationMethod && @@ -390,6 +392,7 @@ export async function checkFailReason( expectedReason: string, isModule: boolean ): Promise { + let failReason = ''; response.map((item: any) => { diff --git a/tee-worker/ts-tests/vc.test.ts b/tee-worker/ts-tests/vc.test.ts index 6cd8a2cf50..b66f0bb04e 100644 --- a/tee-worker/ts-tests/vc.test.ts +++ b/tee-worker/ts-tests/vc.test.ts @@ -21,7 +21,7 @@ const assertion = { }; -// it doesn't make much difference test A1 only vs test A1 - A11, one VC type is enough. +//It doesn't make much difference test A1 only vs test A1 - A11, one VC type is enough. //So only use A1 to trigger the wrong event describeLitentry('VC test', async (context) => { const aesKey = '0x22fc82db5b606998ad45099b7978b5b4f9dd4ea6017e57370ac56141caaabd12'; @@ -31,7 +31,7 @@ describeLitentry('VC test', async (context) => { assert.equal(who, u8aToHex(context.defaultSigner[0].addressRaw), 'check caller error'); }); step('Request VC', async () => { - // request all vc + //request all vc const res = (await requestVCs( context, context.defaultSigner[0],